PT-2022-12561 · Xzs-Mysql · Xzs-Mysql

Published: 2022-01-25 · Updated: 2022-01-31 · CVE-2021-46086

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: xzs-mysql versions t3.4.0 and later

Description: An insecure permissions vulnerability exists in the examination paper submission function of an online examination system. An attacker can exploit it by modifying parameters in the request packet, using tools such as Burp Suite, to potentially destroy real data.

Recommendations: For xzs-mysql versions t3.4.0 and later, consider restricting access to the examination paper submission functionality until a proper fix is applied, and review the system's permissions to ensure they are properly secured.

Exploit

Fix

Incorrect Default Permissions

Weakness Enumeration

Related Identifiers

CVE-2021-46086

Affected Products

Xzs-Mysql