ГлавнаяУязвимости → CVE-2024-53573
9.8критическая

CVE-2024-53573

Описание

Unifiedtransform v2.X is vulnerable to Incorrect Access Control. Unauthorized users can access and manipulate endpoints intended exclusively for administrative use. This issue specifically affects teacher/edit/{id}.

Затрагиваемое ПО
Changeweb Unifiedtransform
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://drive.google.com/file/d/14Or6QIpOeLEqdFm1mwxdE_NNCOwMmcFc/viewhttps://www.getastra.com/blog/vulnerability/improper-access-control-in-school-management-system-unifiedtransform/https://drive.google.com/file/d/14Or6QIpOeLEqdFm1mwxdE_NNCOwMmcFc/view