Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
TCExam Missing Authorization Vulnerability - CVE-2023-6554 - Vulnerability Database
TCExam

TCExam Missing Authorization Vulnerability - CVE-2023-6554

Medium
Reference: CVE-2023-6554
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-6554
Title: TCExam Missing Authorization Vulnerability
Overview:

When access to the quotadminquot folder is not protected by some external authorization mechanisms e.g. Apache Basic Auth it is possible for any user to download protected information like exam answers.