2024-07-15 02:50:39
twcert
PUBLISHED
The tumbnail API of Tronclass from WisdomGarden lacks proper access control, allowing unauthenticated remote attackers to obtain certain specific files by modifying the URL.