IDOR Vulnerability Allowing Unauthorized Profile Picture Change
Medium
A
Autodesk
Submitted None
Team Summary
Official summary from Autodesk
An IDOR (Insecure Direct Object Reference) vulnerability was found on Autodesk User Profile, through the "id" parameter which could have allowed an attacker to edit another user's photo. Autodesk has fixed the vulnerability and we thank @tasin_zucced___ for reporting this issue.
Actions:
Reported by
tasin_zucced___
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Insecure Direct Object Reference (IDOR)