CVE-2014-9127
Open-School Community Edition 2.2 is affected by CVE-2014-9127: an access control bypass in the export feature allows remote authenticated users to view sensitive data via the r parameter set to export on index.php. The issue enables partial confidentiality impact as described in the CVE entry, w...