CVE-2017-7313
CVE-2017-7313 affects Personify360 e-Business 7.5.2–7.6.1. The issue allows unauthenticated access to the URI /TabId/275, enabling reading of customer data (names, master Customer Ids, and emails) without authentication. The description indicates that anyone can search for users/customers in the ...