An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1 allows any unauthenticated malicious user to access cash book entry attachments of any other user, if they know the Id of the attachment.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
economizzer economizzer april_2023 |
||
economizzer economizzer 0.9 |