Insecure direct object reference (IDOR) vulnerability in ICREM H8 SSRMS allows attackers to disclose sensitive information via the Print Invoice Functionality.