MidnightBSD

Advisories for wisetail

CVE-2018-16970 MEDIUM

Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to download non-purchased course files via a modified id parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-538,

Products Affected

Vendor Product Version
wisetail learning_management_system *
CVE-2018-16971 MEDIUM

Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to access non-purchased course contents (quiz / test) via a modified id parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-639,

Products Affected

Vendor Product Version
wisetail learning_management_system *