CVE-2024-55186 – Oqtane Framework User account IDOR Vulnerability

12月 20, 2024
5:16 pm

CVE ID : CVE-2024-55186

Published : Dec. 20, 2024, 4:15 p.m. | 1 hour ago

Description : An IDOR (Insecure Direct Object Reference) vulnerability exists in oqtane Framework 6.0.0, allowing a logged-in user to access inbox messages of other users by manipulating the notification ID in the request URL. By changing the notification ID, an attacker can view sensitive mail details belonging to other users.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-55186 – Oqtane Framework User account IDOR Vulnerability

Elvescore.io

Recent Posts

CVE-2024-12884 – Codezips E-Commerce Website SQL Injection

CVE-2024-51463 – IBM i SSRF

CVE-2024-51464 – IBM Navigator for i Access Bypass Vulnerability

CVE-2024-12883 – Code-projects Job Recruitment Cross Site Scripting

CVE-2024-12875 – Easy Digital Downloads WordPress Directory Traversal Vulnerability

CVE-2024-10453 – Elementor Website Builder Stored Cross-Site Scripting Vulnerability

CVE-2024-55186 – Oqtane Framework User account IDOR Vulnerability

CVE-2024-55186 – Oqtane Framework User account IDOR Vulnerability