| Titel | https://gitee.com/zhuimengshaonian/wisdom-education wisdom-education 1.0.4 Horizontal overstepping authority |
|---|
| Beschreibung | The /student/exam interface of wisdom-education 1.0.4 version has a horizontal privilege escalation vulnerability. An attacker can view others' information by modifying the subjectId parameter. |
|---|
| Quelle | ⚠️ https://github.com/xkalami-Tta0/CVE/blob/main/wisdom-education/%E6%B0%B4%E5%B9%B3%E8%B6%8A%E6%9D%83.md |
|---|
| Benutzer | xkalami (UID 90843) |
|---|
| Einreichung | 23.09.2025 17:52 (vor 7 Monaten) |
|---|
| Moderieren | 26.09.2025 15:11 (3 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 326121 [zhuimengshaonian wisdom-education bis 1.0.4 ExamInfoController.java selectStudentExamInfoList subjectId erweiterte Rechte] |
|---|
| Punkte | 16 |
|---|