Vulnerability CVE-2023-24625


Published: 2023-03-24

Description:
Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an Insecure Direct Object Reference (IDOR) attack.

 References:
https://medium.com/@cupc4k3/vulnerabilities-in-faveo-service-desk-37a63f53d896
https://cupc4k3.lol/cve-2023-24625-idor-in-faveo-service-desk-37a63f53d896
https://www.faveohelpdesk.com/servicedesk/

Copyright 2026, cxsecurity.com

 

Back to Top