Soumettre #661308: https://gitee.com/zhuimengshaonian/wisdom-education wisdom-education 1.0.4 Horizontal overstepping authorityinformation

Titrehttps://gitee.com/zhuimengshaonian/wisdom-education wisdom-education 1.0.4 Horizontal overstepping authority
DescriptionThe /student/exam interface of wisdom-education 1.0.4 version has a horizontal privilege escalation vulnerability. An attacker can view others' information by modifying the subjectId parameter.
La source⚠️ https://github.com/xkalami-Tta0/CVE/blob/main/wisdom-education/%E6%B0%B4%E5%B9%B3%E8%B6%8A%E6%9D%83.md
Utilisateur
 xkalami (UID 90843)
Soumission23/09/2025 17:52 (il y a 7 mois)
Modérer26/09/2025 15:11 (3 days later)
StatutAccepté
Entrée VulDB326121 [zhuimengshaonian wisdom-education jusqu’à 1.0.4 ExamInfoController.java selectStudentExamInfoList subjectId élévation de privilèges]
Points16

PrécédentAperçuSuivant

Do you need the next level of professionalism?

Upgrade your account now!