IDOR - Getting other users’ data

State Resolved in
May, 2022
Issue ID 6olhS-2_sis-vVXcwjd
Asset Web application
Bounty $500
Reported in May 2022
Reporter Hadrik Gupta
Severity Medium
Visibility Limited
Weakness CWE - 266 : Incorrect Privilege Assignment


The flaw allows an attacker to gain access to basic information about the workspace settings.

The rest of the report is undisclosed.