Vulnerability Description
Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa specifically at the endpoint '/administracion/admin_usuarios.cgi?filtro_estado=T&wAccion=listado_xlsx&wBuscar=&wFiltrar=&wOrden=alta_usuario&wid_cursoActual=[ID]' where the data of users enrolled in the course is exported. Successful exploitation of this vulnerability could allow an unauthenticated attacker to access user data (e.g., usernames, first and last names, email addresses, and phone numbers) and retrieve the data of all users enrolled in courses by performing a brute-force attack on the course ID via a manipulated URL.
Related Weaknesses (CWE)
References
FAQ
What is CVE-2026-3110?
CVE-2026-3110 is a documented vulnerability. Insecure Direct Object Reference (IDOR) vulnerability in Campus Educativa specifically at the endpoint '/administracion/admin_usuarios.cgi?filtro_estado=T&wAccion=listado_xlsx&wBuscar=&wFiltrar=&wOrde...
How severe is CVE-2026-3110?
CVSS scoring is not yet available for CVE-2026-3110. Check NVD for updates.
Is there a patch for CVE-2026-3110?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.