CVE-2020-37114

Name of the Vulnerable Software and Affected Versions GUnet OpenEclass version 1.7.3

Description Improper access controls and information disclosure flaws in various modules allow unauthenticated and authenticated users to access sensitive data. This includes system information, application version, and uploaded assessments belonging to other students. Attackers can retrieve system and version details or view and download files from other users without proper authorization.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.