Wisetail Learning Ecosystem (LE) Upto v4.11.6 Multiple IDOR Vunlerability

W
Description

Wisetail Learning Ecosystem (LE) upto v4.11.6 suffers from multiple insecure direct object reference (IDOR) vulnerability that allows an user to download files and access the course materials.

Vendor Website
Proof-of-Concept
 
 

 

Disclosure Timeline
  • Affected Version: upto 4.11.6
  • Vendor Contact: August 24, 2018 – September 11, 2018
  • Blog Post Published: September 12, 2018
  • Applied for CVE: September 12, 2018
  • Assigned CVE: CVE-2018-16970CVE-2018-16971


About Me

InfoSec Researcher & Penetration Tester

By Ziaur Rashid

Categories

Recent Posts