When access to the "admin" folder is not protected by some external authorization mechanisms e.g. Apache Basic Auth, it is possible for any user to download protected information like exam answers.
References
Link | Resource |
---|---|
https://cert.pl/en/posts/2024/01/CVE-2023-6554/ | Third Party Advisory |
https://cert.pl/posts/2024/01/CVE-2023-6554/ | Third Party Advisory |
https://tcexam.org/ | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: CERT-PL
Published: 2024-01-11T15:17:23.523Z
Updated: 2024-01-11T15:17:23.523Z
Reserved: 2023-12-06T13:46:33.216Z
Link: CVE-2023-6554
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-01-11T16:15:54.300
Modified: 2024-01-18T17:35:46.637
Link: CVE-2023-6554
JSON object: View
Redhat Information
No data.
CWE