CVE-2024-4843
4.3MEDIUMePO doesn't allow a regular privileged user to delete tasks or assignments. Insecure direct object references that allow a least privileged user to manipulate the client task and client task assignmen
Publicado: 5/16/2024Atualizado: 11/21/2024
Descrição
ePO doesn't allow a regular privileged user to delete tasks or assignments. Insecure direct object references that allow a least privileged user to manipulate the client task and client task assignments, hence escalating his/her privilege.