CVE-2023-1356

Reflected Cross-site Scripting In IDAttend’s IDWeb Application

Discovered by Jack Misiura on behalf of The Missing Link Security

Vulnerability Details

Reflected cross-site scripting in the StudentSearch component in IDAttend’s IDWeb application 3.1.013 allows hijacking of a user’s browsing session by attackers who have convinced the said user to click on a malicious link.   

Affected Versions

Discovered in: 3.1.013

Fixed Versions

Fixed in: 3.1.053

Latest News

From Phuket with insight: Celebrating partnership success with Cloudflare

The unseen battle: Why you need secure coding now more than ever

The hidden risks of incomplete cyber security visibility

See All News