Wisetail Learning Ecosystem (LE) versions up to 4.11.6 suffer from multiple insecure direct object reference vulnerabilities that allow an attacker to download files and get access to the non-purchased course quiz test via a modified id parameter.
cc36e32ff6b7ae17f07bc9e0331c469bc08d5e7f11e8832e9800e8f423a2219c