CVE-2020-35577

CVE-2020-35577

In Endalia Selection Portal before 4.205.0, an Insecure Direct Object Reference (IDOR) allows any authenticated user to download every file uploaded to the platform by changing the value of the file identifier (aka CommonDownload identification number).

Source: CVE-2020-35577

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다