Insecure Permissions in xzs-mysql >= t3.4.0: Exploiting Examination Paper Submission Vulnerability

CVE-2021-46086 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

xzs-mysql >= t3.4.0 is vulnerable to Insecure Permissions. The front end of this open source system is an online examination system. There is an unsafe vulnerability in the functional method of submitting examination papers. An attacker can use burpuite to modify parameters in the packet to destroy real data.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.