Insecure Direct Object Reference (IDOR) Vulnerability in Ellucian Banner 9.17

Insecure Direct Object Reference (IDOR) Vulnerability in Ellucian Banner 9.17

CVE-2023-49339 · Severity

Ellucian Banner 9.17 allows Insecure Direct Object Reference (IDOR) via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint.

Learn more about our Web Application Penetration Testing UK.