0.001 Low
EPSS
Percentile
47.3%
ShowDoc is vulnerable to direct object reference. A remote attacker is able to navigate and retrieve or modify notes belonging to other users by modifying the page_id.
page_id
github.com/CCCCCrash/POCs/tree/master/Web/showdoc/IncorrectAccessControl#0x02-modify
github.com/star7th/showdoc/commit/bcdb5e3519285bdf81e618b3c9b90d22bc49e13c
github.com/star7th/showdoc/issues/397