Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
VIWIS LMS Print authorization
Vulnerability Description
A vulnerability was found in VIWIS LMS 9.11. It has been classified as critical. Affected is an unknown function of the component Print Handler. The manipulation leads to missing authorization. It is possible to launch the attack remotely. A user with the role learner can use the administrative print function with an active session before and after an exam slot to access the entire exam including solutions in the web application. It is recommended to apply a patch to fix this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
授权机制缺失
Vulnerability Title
VIWIS LMS 安全漏洞
Vulnerability Description
Viwis LMS是美国Viwis公司的一个学习管理系统。 VIWIS LMS 9.11版本存在安全漏洞,该漏洞源于Print Handler组件授权缺失。具有学习者角色的用户可以在考试时段之前和之后使用管理打印功能和活动会话来访问整个考试,包括 Web 应用程序中的解决方案。
CVSS Information
N/A
Vulnerability Type
N/A