RSS   Podatności dla 'Learnsite'   RSS

2021-04-08
 
CVE-2021-27522

CWE-269
 

 
Learnsite 1.2.5.0 contains a remote privilege escalation vulnerability in /Manager/index.aspx through the JudgIsAdmin() function. By modifying the initial letter of the key of a user cookie, the key of the administrator cookie can be obtained.

 


Copyright 2021, cxsecurity.com

 

Back to Top