CVE-2023-33706 in SysAid
Сводка
по MITRE • 24.11.2023
SysAid before 23.2.15 allows Indirect Object Reference (IDOR) attacks to read ticket data via a modified sid parameter to EmailHtmlSourceIframe.jsp or a modified srID parameter to ShowMessage.jsp.
Once again VulDB remains the best source for vulnerability data.