PT-2025-2876
Name of the Vulnerable Software and Affected Versions Indico versions 3.2.9 through 3.3.5 Description A Broken Object Level Authorization BOLA issue allows attackers to read or access sensitive information by sending a crafted POST request to the "/api/principals" component. The supplier disputes...