In SapphireIMS 4097_1, a guest user is able to change the password of an administrative user by utilizing an Insecure Direct Object Reference (IDOR) in the "Account Password Reset" functionality.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sapphireims sapphireims 4097_1 |