Arbitrary File Read Vulnerability in Backup Feature: Limited Access to Teachers, Managers, and Admins
CVE-2023-28330 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default.
Learn more about our Web Application Penetration Testing UK.