Jonafk555

**Name of the Vulnerable Software and Affected Versions** WisdomGarden Tronclass (affected versions not specified) **Description** The issue is related to improper access control when uploading files. An authenticated remote attacker with general user privileges can exploit this to access files belonging to other users by modifying the `file ID` within the URL. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.