CVE-2023-49339

Publication date

2024-02-13 00:00:00

Family

mitre

State

PUBLISHED

Description

Ellucian Banner 9.17 allows Insecure Direct Object Reference (IDOR) via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint.