IDOR vulnerability reveals additional information
Critical
S
Semrush
Submitted None
Team Summary
Official summary from Semrush
An issue was identified in the Content Outline Builder product. Changing a user ID in a GraphQL request could reveal additional information about users of Content Outline builder. The subsequent internal review revealed no evidence of this vulnerability being exploited by unauthorized parties.
Actions:
Reported by
a_d_a_m
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Insecure Direct Object Reference (IDOR)