3 matches found
CVE-2025-41090
microCLAUDIA in v3.2.0 and prior has an improper access control vulnerability. This flaw allows an authenticated user to perform unauthorized actions on other organizations' systems by sending direct API requests. To do so, the attacker can use organization identifiers obtained through a...
CVE-2025-41090 Improper Access Control in CCN-CERT microCLAUDIA
microCLAUDIA in v3.2.0 and prior has an improper access control vulnerability. This flaw allows an authenticated user to perform unauthorized actions on other organizations' systems by sending direct API requests. To do so, the attacker can use organization identifiers obtained through a...
Lack of Access Control in public function VirtualAccount.payableCall
Lines of code Vulnerability details Description The VirtualAccount contract allows users to manage assets and perform interactions remotely while maintaining an encapsulated user balance. The contract includes a payableCall function that aggregates and executes a batch of calls to external...