Economizzer Insecure Direct Object Reference vulnerability
Low severity
GitHub Reviewed
Published
Sep 28, 2023
to the GitHub Advisory Database
•
Updated Nov 7, 2023
Description
Published by the National Vulnerability Database
Sep 28, 2023
Published to the GitHub Advisory Database
Sep 28, 2023
Reviewed
Sep 28, 2023
Last updated
Nov 7, 2023
An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1 allows any unauthenticated attacker to access cash book entry attachments of any other user, if they know the Id of the attachment.
References