CVE-2026-30707
An issue was discovered in SpeedExam Online Examination System (SaaS) after v.FEV2026. It allows Broken Access Control via the ReviewAnswerDetails ASP.NET PageMethod. Authenticated attackers can bypass client-side restrictions and invoke this method directly to retrieve the full answer key. The provider states that this issue is "Fixed in [02/2026] backend service update."
Vendor
-
Product
-
CWE
Yayın Tarihi
2026-03-17 20:16:13
Güncelleme
2026-03-24 18:16:09
Source Identifier
cve@mitre.org
KEV Date Added
-