7 matches found
CVE-2022-28924
An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/...
CVE-2022-28924
An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/...
CVE-2022-28924
An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/...
CVE-2022-28924
An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/...
Information disclosure
An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/...
CVE-2022-28924
The CVE-2022-28924 entry concerns UniverSIS-Students prior to v1.5.0, where a crafted GET request to /api/students/me/courses/ can disclose sensitive information. The vulnerability is an information disclosure flaw in the API endpoint, enabling attackers to access data without proper authorizatio...
CVE-2022-28924
An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/...