Missing Authorization to Authenticated (Subscriber+) Arbitrary User Deletion vulnerability
12 December, 2024
Insecure Direct Object Reference to Unauthenticated Arbitrary User Password/Email Reset/Account Takeover vulnerability
16 October, 2024
Broken Access Control vulnerability
26 August, 2024
Broken Access Control vulnerability
28 June, 2024
Missing Authorization to Limited Privilege Escalation vulnerability
14 June, 2024