Описание
Economizzer Insecure Direct Object Reference vulnerability
An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1 allows any unauthenticated attacker to access cash book entry attachments of any other user, if they know the Id of the attachment.
Пакеты
Наименование
gugoan/economizzer
composer
Затронутые версииВерсия исправления
<= 0.9-beta1
Отсутствует
Связанные уязвимости
CVSS3: 3.7
nvd
больше 2 лет назад
An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1 allows any unauthenticated attacker to access cash book entry attachments of any other user, if they know the Id of the attachment.