Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Moderate

C4G BLIS Improper Access Control

Disclosure Date: November 06, 2019 (last updated October 06, 2023)
Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and earlier suffers from an instance of CWE-284, "Improper Access Control." As a result, an unauthenticated user may alter several facets of a user account, including promoting any user to an administrator.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
1