RSS   Podatności dla 'Selection portal'   RSS

2021-02-18
 
CVE-2020-35577

NVD-CWE-Other
 

 
In Endalia Selection Portal before 4.205.0, an Insecure Direct Object Reference (IDOR) allows any authenticated user to download every file uploaded to the platform by changing the value of the file identifier (aka CommonDownload identification number).

 


Copyright 2024, cxsecurity.com

 

Back to Top