Importing data by ID

State Resolved
April 2021
Issue ID nnDwMEa_v
Asset Web application
Bounty $100
Reported in March 2021
Reporter Harry Ha
Severity Low
Visibility Limited
Weakness CWE-285: Improper Authorization

Description

The malicious team member is able to rerun the previous data import knowing unique and temporary ID.


The rest of the report is undisclosed.