High severity7.5NVD Advisory· Published Nov 20, 2023· Updated Jun 17, 2026
CVE-2023-38884
CVE-2023-38884
Description
An Insecure Direct Object Reference (IDOR) vulnerability in the Community Edition version 9.0 of openSIS Classic allows an unauthenticated remote attacker to access any student's files by visiting '/assets/studentfiles/-'
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2- github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38884nvdVendor Advisory
- www.os4ed.comnvdProduct
News mentions
0No linked articles in our index yet.