Subex ROC Partner Settlement 10.5 Insecure Direct Object Reference

Subex ROC Partner Settlement version 10.5 suffers from an insecure direct object reference vulnerability in the change password function that can allow for account takeover.

Leave a Reply