Wisetail Learning Ecosystem (LE) Upto v4.11.6 Multiple IDOR Vunlerability

W
Description

Wisetail Learning Ecosystem (LE) upto v4.11.6 suffers from multiple insecure direct object reference (IDOR) vulnerability that allows an user to download files and access the course materials.

Vendor Website
Proof-of-Concept
 
 

 

Disclosure Timeline
  • Affected Version: upto 4.11.6
  • Vendor Contact: August 24, 2018 – September 11, 2018
  • Blog Post Published: September 12, 2018
  • Applied for CVE: September 12, 2018
  • Assigned CVE: CVE-2018-16970CVE-2018-16971

About Me
InfoSec Researcher & Penetration Tester
By Ziaur Rashid

Categories

Recent Posts