4 matches found
CVE-2023-49339
Ellucian Banner 9.17 allows Insecure Direct Object Reference IDOR via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint...
Design/Logic Flaw
Ellucian Banner 9.17 allows Insecure Direct Object Reference IDOR via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint...
CVE-2023-49339
Ellucian Banner 9.17 allows Insecure Direct Object Reference IDOR via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint...
CVE-2023-49339
CVE-2023-49339 affects Ellucian Banner 9.17 (and earlier per sources) with an Insecure Direct Object Reference (IDOR) via a modified bannerId to /StudentSelfService/ssb/studentCard/retrieveData. Root cause: IDOR enabling potential unauthorized data access; CVSS 3.1 base score 6.5 (MEDIUM) with Co...