Description
When access to the "admin" folder is not protected by some external authorization mechanisms e.g. Apache Basic Auth, it is possible for any user to download protected information like exam answers.
Remediation
References
Related Vulnerabilities
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-41585)
Oracle JRE CVE-2022-21291 Vulnerability (CVE-2022-21291)
Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.8)
WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.27)
WordPress Plugin Integration for Gravity Forms and Pipedrive Cross-Site Scripting (1.0.6)