Missing authentication in the GetActiveToiletPasses method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of student information by unauthenticated attackers.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: TML
Published: 2023-10-25T10:15:17.834Z
Updated: 2024-09-11T13:11:45.364Z
Reserved: 2023-02-27T05:41:59.845Z
Link: CVE-2023-27257
Vulnrichment
Updated: 2024-08-02T12:01:32.413Z
NVD
Status : Analyzed
Published: 2023-10-25T18:17:26.410
Modified: 2023-10-28T03:19:47.833
Link: CVE-2023-27257
Redhat
No data.