In ILIAS through 7.10, lack of verification when changing an email address (on the Profile Page) allows remote attackers to take over accounts.
References
Link | Resource |
---|---|
https://medium.com/%40bcksec/in-ilias-through-7-10-620c0de685ee | |
https://www.bcksec.com/services/ | Broken Link |
Configurations
History
07 Nov 2023, 03:47
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2022-06-29 01:15
Updated : 2024-02-28 19:09
NVD link : CVE-2022-31266
Mitre link : CVE-2022-31266
CVE.ORG link : CVE-2022-31266
JSON object : View
Products Affected
ilias
- ilias
CWE
CWE-354
Improper Validation of Integrity Check Value