CVE-2023-3345 - CERT CVE
ID CVE-2023-3345
Sažetak The LMS by Masteriyo WordPress plugin before 1.6.8 does not have proper authorization in one some of its REST API endpoints, making it possible for any students to retrieve email addresses of other students
Reference
CVSS
Base: 6.5
Impact: 3.6
Exploitability:2.8
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
HIGH NONE NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Zadnje važnije ažuriranje 10-06-2025 - 11:56
Objavljeno 31-07-2023 - 10:15