In Correspondence Management System (corms) in Newgen eGov 12.0, an attacker can modify other users' profile information by manipulating the unvalidated UserIndex parameter, aka Insecure Direct Object Reference.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
newgensoft egov 12.0 |