Unauthorized access to the online examination system

1、Log in to the teacher account, edit it in student management, capture the package, delete the cookie, and still be able to access it. Unauthorized access is found

![Image](https://github.com/user-attachments/assets/f44d40d0-b2e1-454a-89c9-1b0493fcbc67)

![Image](https://github.com/user-attachments/assets/aa2eadec-5a67-45a2-b888-dfbe84af5fa7)

2、Try to modify the student's content information, for example: change the original password 123456 to 666666

![Image](https://github.com/user-attachments/assets/ffb54de3-2cb2-493b-9497-7796f5323959)
3、At this time, I logged into the student account again and found that the password was changed to 666666, and successfully completed the login 

4、In the source code audit, it was found that no permission identification was done

![Image](https://github.com/user-attachments/assets/a73f68da-a733-484c-90aa-27657b8089b1)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Unauthorized access to the online examination system #73

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Unauthorized access to the online examination system #73

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions