Normal User is able to EXPORT Feature Usage Statistics
Medium
L
Lark Technologies
Submitted None
Team Summary
Official summary from Lark Technologies
A vulnerability was found where certain Lark endpoints did not properly validate user permissions, allowing a low-privileged user to generate and download usage statistics information. We thank @aishkendle for reporting this to our team.
Actions:
Reported by
aishkendle
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Improper Access Control - Generic