OpenAsset Digital Asset Management Insecure Direct Object Reference
Posted by deepcore on December 13, 2020 – 1:05 am
OpenAsset Digital Asset Management was found to provide several endpoints which allowed for unauthenticated data retrieval in a CSV format. Vulnerable versions include 12.0.19 (Cloud) and 11.2.1 (On-premise).
Post a reply
You must be logged in to post a comment.