Common vulnerabilities and Exposures (CVE)

Skip to main content

Required CVE Record Information

Description

Missing authentication in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers.

CVSS 1 Total

ScoreSeverityVersionVector String
7.5HIGH3.1CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Product Status

Learn more

Versions 1 Total

Default Status: unaffected

affected

Credits

  • Melodi Dey finder

Updated:

This container includes required additional information provided by the CVE Program for this vulnerability.

Authorized Data Publishers