Enviar #661308: https://gitee.com/zhuimengshaonian/wisdom-education wisdom-education 1.0.4 Horizontal overstepping authorityinformación

Títulohttps://gitee.com/zhuimengshaonian/wisdom-education wisdom-education 1.0.4 Horizontal overstepping authority
DescripciónThe /student/exam interface of wisdom-education 1.0.4 version has a horizontal privilege escalation vulnerability. An attacker can view others' information by modifying the subjectId parameter.
Fuente⚠️ https://github.com/xkalami-Tta0/CVE/blob/main/wisdom-education/%E6%B0%B4%E5%B9%B3%E8%B6%8A%E6%9D%83.md
Usuario
 xkalami (UID 90843)
Sumisión2025-09-23 17:52 (hace 7 meses)
Moderación2025-09-26 15:11 (3 days later)
EstadoAceptado
Entrada de VulDB326121 [zhuimengshaonian wisdom-education hasta 1.0.4 ExamInfoController.java selectStudentExamInfoList subjectId escalada de privilegios]
Puntos16

AnteriorVisión De ConjuntoPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!