Описание
Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an Insecure Direct Object Reference (IDOR) attack.
Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an Insecure Direct Object Reference (IDOR) attack.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-24625
- https://cupc4k3.lol/cve-2023-24625-idor-in-faveo-service-desk-37a63f53d896
- https://medium.com/%40cupc4k3/vulnerabilities-in-faveo-service-desk-37a63f53d896
- https://medium.com/@cupc4k3/vulnerabilities-in-faveo-service-desk-37a63f53d896
- https://www.faveohelpdesk.com/servicedesk
Связанные уязвимости
CVSS3: 6.5
nvd
почти 3 года назад
Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an Insecure Direct Object Reference (IDOR) attack.