CVE-2026-2997 – WisdomGarden|Tronclass – Insecure Direct Object Reference

CVE ID : CVE-2026-2997

Published : Feb. 23, 2026, 1:55 a.m. | 1 hour, 9 minutes ago

Description : Tronclass developed by WisdomGarden has a Insecure Direct Object Reference vulnerability. After obtaining a course ID, authenticated remote attackers to modify a specific parameter to obtain a course invitation code, thereby joining any course.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-2971 – a466350665 Smart-SSO Login login.html cross site scripting

CVE-2026-2998 – eAI Technologies|ERP – DLL Hijacking

CVE-2026-2968 – Cesanta Mongoose Poly1305 Authentication Tag tls_chacha20.c mg_chacha20_poly1305_decrypt signature verification

CVE-2026-2967 – Cesanta Mongoose TCP Sequence Number net_builtin.c getpeer verification of source