4 matches found
CVE-2022-30760
An Insecure Direct Object Reference IDOR issue in fn2Web in ihb eG FlexNow before 2.04.09.016 allows remote authenticated attackers to obtain sensitive student information final grades, study courses, degrees by changing the student ID parameter in the HTTP POST request to the FrontControllerSS...
CVE-2022-30760
An Insecure Direct Object Reference IDOR issue in fn2Web in ihb eG FlexNow before 2.04.09.016 allows remote authenticated attackers to obtain sensitive student information final grades, study courses, degrees by changing the student ID parameter in the HTTP POST request to the FrontControllerSS...
CVE-2022-30760
An Insecure Direct Object Reference IDOR issue in fn2Web in ihb eG FlexNow before 2.04.09.016 allows remote authenticated attackers to obtain sensitive student information final grades, study courses, degrees by changing the student ID parameter in the HTTP POST request to the FrontControllerSS...
CVE-2022-30760
Vulnerability context: CVE-2022-30760 affects the ihb eG FlexNow product (fn2Web) prior to version 2.04.09.016. The issue is an insecure direct object reference (IDOR) that allows remote authenticated users to access sensitive student data by altering the student ID parameter in a POST to the Fro...