Headline
CVE-2023-26573: Missing Authentication In IDAttend’s IDWeb Application
Missing authentication in the SetDB method in IDAttend’s IDWeb application 3.1.052 and earlier allows denial of service or theft of database login credentials.
Discovered by Jack Misiura on behalf of The Missing Link Security
Vulnerability Details
Missing authentication in the SetDB method in IDAttend’s IDWeb application 3.1.013 allows denial of service or theft of database login credentials.
Affected Versions
Discovered in: 3.1.013
Fixed Versions
Fixed in: 3.1.053