| عنوان | https://gitee.com/zhuimengshaonian/wisdom-education wisdom-education 1.0.4 Horizontal overstepping authority |
|---|
| الوصف | The /student/exam interface of wisdom-education 1.0.4 version has a horizontal privilege escalation vulnerability. An attacker can view others' information by modifying the subjectId parameter. |
|---|
| المصدر | ⚠️ https://github.com/xkalami-Tta0/CVE/blob/main/wisdom-education/%E6%B0%B4%E5%B9%B3%E8%B6%8A%E6%9D%83.md |
|---|
| المستخدم | xkalami (UID 90843) |
|---|
| ارسال | 23/09/2025 05:52 PM (7 أشهر منذ) |
|---|
| الاعتدال | 26/09/2025 03:11 PM (3 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 326121 [zhuimengshaonian wisdom-education حتى 1.0.4 ExamInfoController.java selectStudentExamInfoList subjectId تجاوز الصلاحيات] |
|---|
| النقاط | 16 |
|---|