Headline
CVE-2023-26574: Missing Authentication In IDAttend’s IDWeb Application
Missing authentication in the SearchStudents method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction sensitive student data by unauthenticated attackers.
Discovered by Melodi Dey on behalf of The Missing Link Security
Vulnerability Details
Missing authentication in the SearchStudents method in IDAttend’s IDWeb application 3.1.013 allows extraction sensitive student data by unauthenticated attackers.
Affected Versions
Discovered in: 3.1.013
Fixed Versions
Fixed in: 3.1.053