3 matches found
CVE-2025-2271
A vulnerability exists in Issuetrak v17.2.2 and prior that allows a low-privileged user to access audit results of other users by exploiting an Insecure Direct Object Reference IDOR vulnerability in the Issuetrak audit component. The vulnerability enables unauthorized access to sensitive...
CVE-2025-2271 IDOR in Issuetrak NewAuditID parameter via Inv_PopTrakXShow.asp
A vulnerability exists in Issuetrak v17.2.2 and prior that allows a low-privileged user to access audit results of other users by exploiting an Insecure Direct Object Reference IDOR vulnerability in the Issuetrak audit component. The vulnerability enables unauthorized access to sensitive...
CVE-2025-2271
Issuetrak v17.2.2 and earlier contain an Insecure Direct Object Reference (IDOR) in the audit component, enabling a low-privileged user to access audit results of other users and exposing sensitive information (user details, network/hardware info, installed programs, processes, drives, printers)....