INDEX-EDUCATION PRONOTE Incorrect Access Control Vulnerability Allowing Profile Image Retrieval

Vulnerability

An incorrect access control vulnerability has been identified in INDEX-EDUCATION PRONOTE versions prior to 2025.2.8. The issue lies in the 'composeUrlImgPhotoIndividu' component, which builds direct URLs to user profile images from easily predictable identifiers such as user IDs and names. No authorization check is performed when these URLs are generated or accessed, and no rate limiting is applied, so an unauthenticated or otherwise unauthorized party could retrieve users' profile pictures simply by requesting URLs built from guessed or known identifiers.

Impact

Successful exploitation gives an unauthorized party access to users' profile images, a disclosure of personal data that can amount to a privacy violation.

Reproduction

To reproduce this vulnerability, first compile a list of user identifiers (names or user IDs). Then build profile-image URLs the way the 'composeUrlImgPhotoIndividu' function does: replace spaces in each name with underscores and append the '.jpg' extension. Requesting the constructed URLs directly returns the corresponding images.
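The following is an added example, not code from the advisory or from INDEX-EDUCATION. It mirrors the URL construction described in the Vulnerability and Reproduction sections (spaces to underscores, '.jpg' appended, no dependence on the requester's identity) and, because the advisory notes the absence of rate limiting, shows the detection side: a sliding-window check over web-server access logs that flags a client walking through many distinct profile-image paths. The base URL, the image path prefix and the log lines are constructed for illustration; the real PRONOTE path is not published here.

```python
"""Added example: predictable profile-image URL construction as described in
the advisory, plus enumeration detection over constructed access-log lines."""
import re
from collections import defaultdict, deque
from datetime import datetime
from urllib.parse import quote

# Hypothetical base path; the advisory does not publish the real one.
BASE_URL = "https://pronote.example.test/photos/"


def compose_photo_url(identifier: str, base_url: str = BASE_URL) -> str:
    """Build a profile-image URL the way the advisory describes
    composeUrlImgPhotoIndividu behaving: spaces become underscores and
    '.jpg' is appended. Nothing here depends on who is asking, which is
    exactly the missing authorization check."""
    slug = identifier.strip().replace(" ", "_")
    return f"{base_url}{quote(slug)}.jpg"


def candidate_urls(identifiers):
    """Candidate URLs for a guessed identifier list (user IDs or names)."""
    return [compose_photo_url(i) for i in identifiers]


# Constructed access-log excerpt (combined log format). 203.0.113.7 walks
# through guessed names and IDs; 198.51.100.4 is an ordinary user loading
# one photo twice, minutes apart.
SAMPLE_LOG = """\
198.51.100.4 - - [16/Mar/2026:19:20:10 +0000] "GET /photos/Alice_Martin.jpg HTTP/1.1" 200 4821
203.0.113.7 - - [16/Mar/2026:19:22:01 +0000] "GET /photos/Alice_Martin.jpg HTTP/1.1" 200 4821
203.0.113.7 - - [16/Mar/2026:19:22:01 +0000] "GET /photos/Bob_Dupont.jpg HTTP/1.1" 404 153
203.0.113.7 - - [16/Mar/2026:19:22:02 +0000] "GET /photos/1001.jpg HTTP/1.1" 200 5102
203.0.113.7 - - [16/Mar/2026:19:22:02 +0000] "GET /photos/1002.jpg HTTP/1.1" 404 153
203.0.113.7 - - [16/Mar/2026:19:22:03 +0000] "GET /photos/1003.jpg HTTP/1.1" 200 4990
203.0.113.7 - - [16/Mar/2026:19:22:03 +0000] "GET /photos/1004.jpg HTTP/1.1" 404 153
198.51.100.4 - - [16/Mar/2026:19:25:40 +0000] "GET /photos/Alice_Martin.jpg HTTP/1.1" 200 4821
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)


def parse_log(text):
    """Yield (ip, timestamp, path, status) for each parseable line."""
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        yield m["ip"], ts, m["path"], int(m["status"])


def detect_enumeration(text, window_seconds=60, distinct_threshold=4,
                       path_prefix="/photos/"):
    """Flag clients requesting many distinct profile images within a short
    window. Returns {ip: {"distinct": n, "not_found": k}} for flagged
    clients; a high not_found count is the signature of guessed identifiers."""
    recent = defaultdict(deque)   # ip -> deque of (ts, path, status)
    flagged = {}
    for ip, ts, path, status in sorted(parse_log(text), key=lambda r: r[1]):
        if not path.startswith(path_prefix):
            continue
        q = recent[ip]
        q.append((ts, path, status))
        # Drop entries older than the window relative to the current request.
        while (ts - q[0][0]).total_seconds() > window_seconds:
            q.popleft()
        distinct = {p for _, p, _ in q}
        if len(distinct) >= distinct_threshold:
            flagged[ip] = {
                "distinct": len(distinct),
                "not_found": sum(1 for _, _, s in q if s == 404),
            }
    return flagged


if __name__ == "__main__":
    for url in candidate_urls(["Alice Martin", "1001"]):
        print(url)
    print(detect_enumeration(SAMPLE_LOG))
```

The threshold and window are deliberately low for the constructed sample; in production they should be tuned against the normal per-client image load of a page view, and a burst of 404s on image paths is a stronger signal than the request count alone, since guessing produces misses that a legitimate page render never does.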

Remediation

Users are advised to update to INDEX-EDUCATION PRONOTE version 2025.2.8 or later.

Added: Mar 16, 2026, 7:22 PM
Updated: Mar 16, 2026, 7:22 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 8.7
remediation: 0.0
relevance: 4.0
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.