3 matches found
CVE-2024-50671
Incorrect access control in Adapt Learning Adapt Authoring Tool = 0.11.3 allows attackers with Authenticated User roles to obtain email addresses via the "Get users" feature. The vulnerability occurs due to a flaw in permission verification logic, where the wildcard character in permitted URLs...
Adapt Authoring Tool 0.11.3 - Remote Command Execution (RCE)
Exploit Title: Adapt Authoring Tool 0.11.3 - Remote Command Execution RCE Date: 2024-11-24 Exploit Author: Eui Chul Chung Vendor Homepage: https://www.adaptlearning.org/ Software Link: https://github.com/adaptlearning/adaptauthoring Version: 0.11.3 CVE Identifier: CVE-2024-50672 , CVE-2024-50671...
CVE-2024-50671
Incorrect access control in Adapt Learning Adapt Authoring Tool = 0.11.3 allows attackers with Authenticated User roles to obtain email addresses via the "Get users" feature. The vulnerability occurs due to a flaw in permission verification logic, where the wildcard character in permitted URLs...