Security Advisory

CVE-2021-42331

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-15 12:10:32

Last updated 2024-09-17 01:56:36

Assigner twcert

State PUBLISHED

Description

The “Study Edit” function of ShinHer StudyOnline System does not perform permission control. After logging in with user’s privilege, remote attackers can access and edit other users’ tutorial schedule by crafting URL parameters.

← Browse all CVEs View on cve.org ↗