Insecure Direct Object Reference (IDOR) Vulnerability in gugoan Economizzer: Unauthorized Access to Cash Book Entry Attachments
CVE-2023-38872 · LOW Severity
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1 allows any unauthenticated attacker to access cash book entry attachments of any other user, if they know the Id of the attachment.
Learn more about our User Device Pen Test.