IDOR Vulnerability in Floorsight Customer Portal Q3 2023 Allows Unauthorized Access to Sensitive Customer Information

IDOR Vulnerability in Floorsight Customer Portal Q3 2023 Allows Unauthorized Access to Sensitive Customer Information

CVE-2023-45893 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

An indirect Object Reference (IDOR) in the Order and Invoice pages in Floorsight Customer Portal Q3 2023 allows an unauthenticated remote attacker to view sensitive customer information.

Learn more about our Web Application Penetration Testing UK.