[app.mavenlink.com] IDOR to view sensitive information
Medium
M
Mavenlink
Submitted None
Team Summary
Official summary from Mavenlink
The researcher found an IDOR that when exploited would result in an error message that was too verbose. The verbose error message included the title of the workspace that the user was attempting to access and being denied persmission to.
Actions:
Reported by
dyoon
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Insecure Direct Object Reference (IDOR)