Skip to content

entities switch IDOR

Moderate
trasher published GHSA-v3m5-r3mx-ff9j Mar 2, 2021

Package

No package listed

Affected versions

9.5.3

Patched versions

9.5.4

Description

Impact

It was possible to switch entities with IDOR from a logged in user.

Patches

fixed in 9.5.4

Severity

Moderate

CVE ID

CVE-2021-21255

Weaknesses

No CWEs

Credits