CVE-2023-27257

Missing authentication in the GetActiveToiletPasses method in IDAttend’s IDWeb application 3.1.052 and earlier allows retrieval of student information by unauthenticated attackers. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt