Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to download non-purchased course files via a modified id parameter.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-09-12T20:00:00

Updated: 2024-08-05T10:39:58.042Z

Reserved: 2018-09-12T00:00:00

Link: CVE-2018-16970

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-09-12T20:29:00.587

Modified: 2024-11-21T03:53:37.217

Link: CVE-2018-16970

cve-icon Redhat

No data.