Improper Access Control in User List Function Allows Privilege Escalation
CVE-2022-42197 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
In Simple Exam Reviewer Management System v1.0 the User List function has improper access control that allows low privileged users to modify user permissions to higher privileges.
Learn more about our User Device Pen Test.