CVE-2020-35577
Endalia Selection Portal (before 4.205.0) is affected by an Insecure Direct Object Reference (IDOR) vulnerability. Authenticated users can download any uploaded file by altering the file identifier (CommonDownload ID). This is the root cause described across multiple sources linked to CVE-2020-35...