2 matches found
PT-2023-21036 · Idweb · Idweb
Name of the Vulnerable Software and Affected Versions: IDWeb application versions 3.1.052 and earlier Description: The issue concerns missing authentication in the GetActiveToiletPasses method, allowing unauthenticated attackers to retrieve student information. Recommendations: For versions 3.1.0...
PT-2023-20743 · Idattend · Idweb
Name of the Vulnerable Software and Affected Versions: IDAttend's IDWeb application versions 3.1.052 and earlier Description: The issue allows attackers to hijack the browsing session of the logged-in user through stored cross-site scripting in the IDWeb application. Recommendations: For versions...