PT-2023-17286 · Unknown · Sourcecodester Online Graduate Tracer System

J1An

Publicado

2023-04-05

Atualizado

2024-05-17

CVE-2023-1854

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SourceCodester Online Graduate Tracer System version 1.0

Description A problematic issue was found in the system, affecting an unknown function of the file admin/. This issue leads to session expiration and can be exploited remotely. The details of this issue have been publicly disclosed.

Recommendations For SourceCodester Online Graduate Tracer System version 1.0, consider restricting access to the admin/ file until a patch is available. As a temporary workaround, consider implementing additional session validation to minimize the risk of session expiration due to this issue. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Correção

Insufficient Session Expiration

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-613

Identificadores relacionados

CVE-2023-1854

Produtos afetados

Sourcecodester Online Graduate Tracer System

PT-2023-17286 · Unknown · Sourcecodester Online Graduate Tracer System

CVE-2023-1854

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6