Lucene search
K

4 matches found

NVD
NVD
added 2024/12/09 9:15 a.m.16 views

CVE-2024-12307

A function-level access control vulnerability in Unifiedtransform version 2.0 and potentially earlier versions allows teachers to modify student personal data without proper authorization. The vulnerability exists due to missing access control checks in the student editing functionality. At the...

4.3CVSS0.00237EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/09 8:50 a.m.19 views

CVE-2024-12307 Function-Level Access Control Vulnerability Allows Unauthorized Modification of Student Data in Unifiedtransform

A function-level access control vulnerability in Unifiedtransform version 2.0 and potentially earlier versions allows teachers to modify student personal data without proper authorization. The vulnerability exists due to missing access control checks in the student editing functionality. At the...

4.3CVSS0.00237EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 8:50 a.m.17 views

CVE-2024-12307 Function-Level Access Control Vulnerability Allows Unauthorized Modification of Student Data in Unifiedtransform

A function-level access control vulnerability in Unifiedtransform version 2.0 and potentially earlier versions allows teachers to modify student personal data without proper authorization. The vulnerability exists due to missing access control checks in the student editing functionality. At the...

4.3CVSS6.8AI score0.00237EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 8:50 a.m.60 views

CVE-2024-12307

CVE-2024-12307 affects Unifiedtransform (2.0 and earlier). Root cause: function-level access control missing in the student editing workflow, enabling teachers to modify student personal data without proper authorization. Initial publication notes no patch was available. Connected sources also re...

4.3CVSS4.6AI score0.00237EPSS
Exploits0References1
Rows per page
Query Builder