Wisetail Learning Ecosystem 4.11.6 Insecure Direct Object Reference

Discussion in 'News Aggregator' started by Packet Storm, 14 Sep 2018.

  1. Packet Storm

    Packet Storm Guest

    Wisetail Learning Ecosystem (LE) versions up to 4.11.6 suffer from multiple insecure direct object reference vulnerabilities that allow an attacker to download files and get access to the non-purchased course quiz test via a modified id parameter.

    Continue reading...
     
    #1 Packet Storm, 14 Sep 2018
(You must log in or sign up to post here.)

Share This Page

Loading...