Количество 3
Количество 3
CVE-2022-27108
OrangeHRM 4.10 is vulnerable to Insecure Direct Object Reference (IDOR) via the end point symfony/web/index.php/time/createTimesheet`. Any user can create a timesheet in another user's account.
CVE-2022-27108
OrangeHRM 4.10 is vulnerable to Insecure Direct Object Reference (IDOR ...
GHSA-729r-q9xr-m8j5
OrangeHRM 4.10 is vulnerable to Insecure Direct Object Reference (IDOR) via the end point symfony/web/index.php/time/createTimesheet`. Any user can create a timesheet in another user's account.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-27108 OrangeHRM 4.10 is vulnerable to Insecure Direct Object Reference (IDOR) via the end point symfony/web/index.php/time/createTimesheet`. Any user can create a timesheet in another user's account. | CVSS3: 4.3 | 0% Низкий | почти 4 года назад |
| CVE-2022-27108 OrangeHRM 4.10 is vulnerable to Insecure Direct Object Reference (IDOR ... | CVSS3: 4.3 | 0% Низкий | почти 4 года назад |
| GHSA-729r-q9xr-m8j5 OrangeHRM 4.10 is vulnerable to Insecure Direct Object Reference (IDOR) via the end point symfony/web/index.php/time/createTimesheet`. Any user can create a timesheet in another user's account. | CVSS3: 4.3 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу