0.001 Low
EPSS
Percentile
19.4%
In SapphireIMS 4097_1, a guest user is able to change the password of an administrative user by utilizing an Insecure Direct Object Reference (IDOR) in the βAccount Password Resetβ functionality.
vuln.shellcoder.party/2020/07/18/cve-2017-16631-sapphireims-idor-on-password-reset/
vuln.shellcoder.party/tags/sapphireims/