PT-2024-17536 · Unknown · Unifiedtransform

Published: 2024-12-09 · Updated: 2024-12-09 · CVE-2024-12306

CVSS v3.1: 4.3 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Unifiedtransform versions 2.0 and earlier

Description: The issue involves multiple access control vulnerabilities that allow unauthorized access to the personal information of students and teachers. These vulnerabilities include function-level access control issues in list viewing endpoints and object-level access control issues in profile viewing endpoints. A malicious student user can exploit these vulnerabilities to access the personal information of other students and teachers.

Recommendations: For Unifiedtransform versions 2.0 and earlier, there is currently no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Access Control

IDOR

Weakness Enumeration

Related Identifiers

CVE-2024-12306

Affected Products

Unifiedtransform