CVE-2023-27375

Missing Authentication In IDAttend’s IDWeb Application

Discovered by Melodi Dey on behalf of The Missing Link Security

Vulnerability Details

Missing authentication in the StudentPopupDetails_ContactDetails method in IDAttend’s IDWeb application 3.1.013 allows extraction sensitive student data by unauthenticated attackers.   

Affected Versions

Discovered in: 3.1.013

Fixed Versions

Fixed in: 3.1.053

Latest News

Living off the land (LotL) Attacks: How cybercriminals exploit your own tools

Living off the land (LotL) Attacks: AI and Machine Learning as your best defence

You’ve chosen a managed IT service provider – what comes next?

See All News