Wisetail Learning Ecosystem (LE) through v4.11.6 allows insecure direct object reference (IDOR) attacks to download non-purchased course files via a modified id parameter.
, aka 'Azure Sphere Unsigned Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16982, CVE-2020-16984, CVE-2020-16987, CVE-2020-16991, CVE-2020-16994.
, aka 'Azure Sphere Unsigned Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16970, CVE-2020-16984, CVE-2020-16987, CVE-2020-16991, CVE-2020-16994.
, aka 'Azure Sphere Unsigned Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16970, CVE-2020-16982, CVE-2020-16987, CVE-2020-16991, CVE-2020-16994.