3 matches found
CVE-2024-12305
An object-level access control vulnerability in Unifiedtransform version 2.0 and potentially earlier versions allows unauthorized access to student grades. A malicious student user can view grades of other students by manipulating the studentid parameter in the marks viewing endpoint. The...
CVE-2024-12305
creationtimestamp| type| source ---|---|--- 2024-12-09 08:55:51+00:00| seen| https://infosec.exchange/users/cve/statuses/113622027518045241 2024-12-09 11:20:48+00:00| seen| https://t.me/cvedetector/12367...
CVE-2024-12305 Object-Level Access Control Vulnerability Allows Unauthorized Access to Student Grades in Unifiedtransform
An object-level access control vulnerability in Unifiedtransform version 2.0 and potentially earlier versions allows unauthorized access to student grades. A malicious student user can view grades of other students by manipulating the studentid parameter in the marks viewing endpoint. The...