2023-11-20 00:00:00
mitre
PUBLISHED
An Insecure Direct Object Reference (IDOR) vulnerability in the Community Edition version 9.0 of openSIS Classic allows an unauthenticated remote attacker to access any students files by visiting /assets/studentfiles/