CVE-2020-13422
OpenIAM before 4.2.0.3 is vulnerable to privilege control issues where the system does not verify that a user has permission to perform administrative actions at the /webconsole/rest/api/* endpoint. This could allow unauthorized users to execute privileged actions. Affected versions are OpenIAM p...