Insecure Direct Object Reference (IDOR) in Bagisto v.1.5.0 allows an attacker to obtain sensitive information via the invoice ID parameter.
{ "nvd_published_at": "2024-03-13T21:15:53Z", "cwe_ids": [ "CWE-639" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-03-15T21:03:01Z" }