Email Address Change Vulnerability in ILIAS
CVE-2022-31266 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
In ILIAS through 7.10, lack of verification when changing an email address (on the Profile Page) allows remote attackers to take over accounts.
Learn more about our Web Application Penetration Testing UK.