CVE-2021-44837

Publication date

2022-01-19 13:42:36

Family

mitre

State

PUBLISHED

Description

An issue was discovered in Delta RM 1.2. It is possible for an unprivileged user to access the same information as an admin user regarding the risk creation information in the /risque/administration/referentiel/json/create/categorie endpoint, using the id_cat1 query parameter to indicate the risk.