You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Vulnerability description:
src/main/java/com/yf/exam/modules/paper/controller/PaperController.java, Not restricting the input ID resulted in direct viewing of answers during the answering process, leading to cheating in the exam
Code Audit:
src/main/java/com/yf/exam/modules/paper/controller/PaperController.java, Not restricting the input ID resulted in direct viewing of answers during the answering process
Vulnerability verification:
Go take the exam
Start the exam
Current exam ID: 1870818465200226305
Open directly: http://192.168.0.106:8101/#/my/exam/result/1870818465200226305
You can directly view the correct answer
Complete the answer and submit the paper
100 points
The text was updated successfully, but these errors were encountered:
Source Code Developer: Beijing Yunfan Internet Technology Co., Ltd
Source code name:yfexam-exam
Source code version:1.9.2
Source code official website:https://www.jeedocm.com/?plan=githuby
Source code download link:https://github.com/qiutiandefeng/yfexam-exam/archive/refs/heads/main.zip
Vulnerability description:
src/main/java/com/yf/exam/modules/paper/controller/PaperController.java, Not restricting the input ID resulted in direct viewing of answers during the answering process, leading to cheating in the exam
Code Audit:
src/main/java/com/yf/exam/modules/paper/controller/PaperController.java, Not restricting the input ID resulted in direct viewing of answers during the answering process
Vulnerability verification:
Go take the exam
Start the exam
Current exam ID: 1870818465200226305
Open directly: http://192.168.0.106:8101/#/my/exam/result/1870818465200226305
You can directly view the correct answer
Complete the answer and submit the paper
100 points
The text was updated successfully, but these errors were encountered: