| 제목 | Newgen Software Newgen OmniDocs 12.0.00 Insecure Direct Object Reference |
|---|
| 설명 | Description:
Newgen OmniDocs 12.0.00 contains an Insecure Direct Object Reference (IDOR) vulnerability in the document retrieval functionality. The application uses a user-supplied DocumentId parameter to fetch documents but fails to properly enforce authorization checks on the requested object. By manipulating this parameter, an attacker can access documents that are not intended to be available through the application interface, including sensitive files such as client-related records and company registration documents. |
|---|
| 원천 | ⚠️ https://drive.google.com/file/d/1lYPiqFQd5JoZpIrIh8ohD-7emzGSW0SV/view?usp=sharing |
|---|
| 사용자 | kushkira (UID 60170) |
|---|
| 제출 | 2026. 03. 17. PM 02:14 (21 날 ago) |
|---|
| 모더레이션 | 2026. 04. 02. AM 10:02 (16 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 354829 [Newgen OmniDocs 까지 12.0.00 WebApiRequestRedirection DocumentId 권한 상승] |
|---|
| 포인트들 | 20 |
|---|