exploitDog

GHSA-5rfq-95qv-rxwp

Опубликовано: 02 янв. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

An indirect Object Reference (IDOR) in the Order and Invoice pages in Floorsight Customer Portal Q3 2023 allows an unauthenticated remote attacker to view sensitive customer information.

An indirect Object Reference (IDOR) in the Order and Invoice pages in Floorsight Customer Portal Q3 2023 allows an unauthenticated remote attacker to view sensitive customer information.

Ссылки

EPSS

Процентиль: 77%

0.01006

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-639

Связанные уязвимости

CVE-2023-45893

CVSS3: 7.5

nvd

около 2 лет назад

An indirect Object Reference (IDOR) in the Order and Invoice pages in Floorsight Customer Portal Q3 2023 allows an unauthenticated remote attacker to view sensitive customer information.

EPSS

Процентиль: 77%

0.01006

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-639