CVE-2024-12307 – Unifiedtransform Teacher Privilege Escalation Vulnerability

12月 9, 2024
10:16 am

CVE ID : CVE-2024-12307

Published : Dec. 9, 2024, 9:15 a.m. | 1 hour, 1 minute ago

Description : A function-level access control vulnerability in Unifiedtransform version 2.0 and potentially earlier versions allows teachers to modify student personal data without proper authorization. The vulnerability exists due to missing access control checks in the student editing functionality. At the time of publication of the CVE no patch is available.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-12307 – Unifiedtransform Teacher Privilege Escalation Vulnerability

Elvescore.io

Recent Posts

CVE-2024-12908 – Delinea Secret Server Regular Expression Injection Vulnerability

CVE-2024-12958 – RPost MCA SQL Injection Vulnerability

CVE-2024-12959 – “Fortress MCA SQL Injection”

CVE-2024-51540 – Dell ECS Arithmetic Overflow Vulnerability (Path Traversal)

CVE-2024-12955 – PHPGurukul Blood Bank & Donor Management System CSRF Vulnerability

CVE-2024-12956 – “Unrestricted File Upload in 1000 Projects Portfolio Management System MCA”

CVE-2024-12307 – Unifiedtransform Teacher Privilege Escalation Vulnerability

CVE-2024-12307 – Unifiedtransform Teacher Privilege Escalation Vulnerability