| Title | Beijing Yunfan Internet Technology Co., Ltd yfexam-exam 1.9.2 logical loophole |
|---|
| Description | src/main/java/com/yf/exam/modules/paper/controller/PaperController.java, Not restricting the input ID resulted in direct viewing of answers during the answering process, leading to cheating in the exam |
|---|
| Source | ⚠️ https://github.com/qiutiandefeng/yfexam-exam/issues/5 |
|---|
| User | LVZC (UID 74910) |
|---|
| Submission | 12/22/2024 15:06 (2 years ago) |
|---|
| Moderation | 01/01/2025 12:31 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 289926 [Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2 Exam Answer PaperController.java, information disclosure] |
|---|
| Points | 16 |
|---|