漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in SpeedExam Online Examination System (SaaS) after v.FEV2026. It allows Broken Access Control via the ReviewAnswerDetails ASP.NET PageMethod. Authenticated attackers can bypass client-side restrictions and invoke this method directly to retrieve the full answer key. The provider states that this issue is "Fixed in [02/2026] backend service update."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SpeedExam Online Examination System 安全漏洞
Vulnerability Description
SpeedExam Online Examination System是印度SpeedExam公司的一款在线考试与测评系统。 SpeedExam Online Examination System v.FEV2026之后版本存在安全漏洞,该漏洞源于ReviewAnswerDetails ASP.NET PageMethod存在访问控制缺陷,可能导致经过身份验证的攻击者绕过客户端限制并检索完整答案密钥。
CVSS Information
N/A
Vulnerability Type
N/A