2022-04-10 21:01:39
mitre
PUBLISHED
Insecure permissions configured in the user_id parameter at SysUserController.java of OFCMS v1.1.4 allows attackers to access and arbitrarily modify users personal information.