Insecure Direct Object References (IDOR) in EMSigner v2.8...
Moderate severity
Unreviewed
Published
Nov 14, 2023
to the GitHub Advisory Database
•
Updated Nov 17, 2023
Description
Published by the National Vulnerability Database
Nov 14, 2023
Published to the GitHub Advisory Database
Nov 14, 2023
Last updated
Nov 17, 2023
Insecure Direct Object References (IDOR) in EMSigner v2.8.7 allow attackers to gain unauthorized access to application content and view sensitive data of other users via manipulation of the documentID and EncryptedDocumentId parameters.
References