CVE-2024-47657
Shilpi Net Back Office is affected by CVE-2024-47657 due to improper access controls on API endpoints. An authenticated remote attacker could manipulate the dfclientid parameter in API request URLs to gain unauthorized access to other users’ sensitive information. Connected documents confirm this...