PT-2025-51234
Name of the Vulnerable Software and Affected Versions Convercent Whistleblowing Platform affected versions not specified Description The platform exposes an unauthenticated API endpoint at /GetLegalEntity that returns internal customer legal-entity names based on a supplied searchText fragment. A...