CVE-2018-19620
CVE-2018-19620 affects ShowDoc 2.4.1. A remote attacker can edit another user’s notes by navigating with a modified page_id parameter, revealing a broken access-control/ID-based authorization issue. The connected Red Hat and GitHub advisories corroborate unauthenticated or direct object reference...