2020-12-30 19:39:17
mitre
PUBLISHED
In Correspondence Management System (corms) in Newgen eGov 12.0, an attacker can modify other users profile information by manipulating the unvalidated UserIndex parameter, aka Insecure Direct Object Reference.