CVE-2026-2997

Publication date

2026-02-23 01:55:37

Family

twcert

State

PUBLISHED

Description

Tronclass developed by WisdomGarden has a Insecure Direct Object Reference vulnerability. After obtaining a course ID, authenticated remote attackers to modify a specific parameter to obtain a course invitation code, thereby joining any course.