CVE-2019-19616
CVE-2019-19616 concerns an insecure direct object reference in the Xtivia Web Time and Expense (WebTE) interface for Microsoft Dynamics NAV prior to 2017. The vulnerability occurs in the /Home/GetAttachment function, where an attacker can download arbitrary files by supplying arbitrary values for...