| |
Vulnerability CVE-2021-27522
Published: 2021-04-08
| Description: |
Learnsite 1.2.5.0 contains a remote privilege escalation vulnerability in /Manager/index.aspx through the JudgIsAdmin() function. By modifying the initial letter of the key of a user cookie, the key of the administrator cookie can be obtained. |
References: |
https://github.com/WaterCountry/Learnsite/issues/1
|
|
|
Copyright 2021, cxsecurity.com
|
|
|
