CVE-2018-16971

Wisetail Learning Ecosystem LE through v4.11.6 allows insecure direct object reference IDOR attacks to access non-purchased course contents quiz / test via a modified id parameter...