CVE-2023-27261 Missing Authentication In IDAttend’s IDWeb Application

Missing authentication in the DeleteAssignments method in IDAttend’s IDWeb application 3.1.052 and earlier allows deletion of data by unauthenticated attackers...

PT-2023-21040 · Idweb · Idweb

Name of the Vulnerable Software and Affected Versions: IDWeb application versions 3.1.052 and earlier Description: The issue concerns missing authentication in the DeleteAssignments method, allowing unauthenticated attackers to delete data. Recommendations: For versions 3.1.052 and earlier,...