Insecure Direct Object Reference (IDOR) Vulnerability in Wisetail Learning Ecosystem (LE) v4.11.6

Insecure Direct Object Reference (IDOR) Vulnerability in Wisetail Learning Ecosystem (LE) v4.11.6

CVE-2018-16971 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to access non-purchased course contents (quiz / test) via a modified id parameter.

Learn more about our E Learning Pen Testing.