Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to access non-purchased course contents (quiz / test) via a modified id parameter.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-09-12T20:00:00

Updated: 2024-08-05T10:39:58.792Z

Reserved: 2018-09-12T00:00:00

Link: CVE-2018-16971

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-09-12T20:29:00.697

Modified: 2024-11-21T03:53:37.367

Link: CVE-2018-16971

cve-icon Redhat

No data.