Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
WisdomGarden|Tronclass - Insecure Direct Object Reference
Vulnerability Description
Tronclass developed by WisdomGarden has a Insecure Direct Object Reference vulnerability. After obtaining a course ID, authenticated remote attackers to modify a specific parameter to obtain a course invitation code, thereby joining any course.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
WisdomGarden Tronclass 安全漏洞
Vulnerability Description
WisdomGarden Tronclass是中国智园(WisdomGarden)公司的一款互动式教学管理平台。 WisdomGarden Tronclass存在安全漏洞,该漏洞源于不安全的直接对象引用,可能导致经过身份验证的远程攻击者加入任意课程。
CVSS Information
N/A
Vulnerability Type
N/A