CVE-2023-49339

Description

Ellucian Banner 9.17 allows Insecure Direct Object Reference (IDOR) via a modified bannerId to the /StudentSelfService/ssb/studentCard/retrieveData endpoint.

NVD

Severity: N/A
CVE ID: CVE-2023-49339
CVSS Score: N/A
CVSS Metrics: NVD assessment not yet provided.

Refrence: NVDMITRE

Proof Of Concept

3zizme

Critical Security Vulnerability in Ellucian Banner System

Refrence: GitHub