Headline
CVE-2023-26571: Missing Authentication In IDAttend’s IDWeb Application
Missing authentication in the SetStudentNotes method in IDAttend’s IDWeb application 3.1.052 and earlier allows modification of student data by unauthenticated attackers.
Discovered by Melodi Dey on behalf of The Missing Link Security
Vulnerability Details
Missing authentication in the SetStudentNotes method in IDAttend’s IDWeb application 3.1.013 allows modification of student data by unauthenticated attackers.
Affected Versions
Discovered in: 3.1.013
Fixed Versions
Fixed in: 3.1.053