4 matches found
CVE-2023-49339
Ellucian Banner 9.17 allows Insecure Direct Object Reference IDOR via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint...
CVE-2023-49339
creationtimestamp| type| source ---|---|--- 2024-02-13 02:21:50+00:00| seen| https://t.me/ctinow/183562 2025-05-07 21:22:33+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15422...
CVE-2023-49339
Ellucian Banner 9.17 allows Insecure Direct Object Reference IDOR via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint...
CVE-2023-49339
CVE-2023-49339 affects Ellucian Banner 9.17 (and earlier per sources) with an Insecure Direct Object Reference (IDOR) via a modified bannerId to /StudentSelfService/ssb/studentCard/retrieveData. Root cause: IDOR enabling potential unauthorized data access; CVSS 3.1 base score 6.5 (MEDIUM) with Co...