An Insecure Direct Object Reference (IDOR) vulnerability was found in Prestashop Opart devis < 4.0.2. Unauthenticated attackers can have access to any user's invoice and delivery address by exploiting an IDOR on the delivery_address and invoice_address fields.
References
Link | Resource |
---|---|
https://github.com/login-securite/CVE/blob/main/CVE-2020-16194.md | Exploit Third Party Advisory |
Configurations
History
No history.
Information
Published : 2021-02-04 15:15
Updated : 2024-02-04 21:23
NVD link : CVE-2020-16194
Mitre link : CVE-2020-16194
CVE.ORG link : CVE-2020-16194
JSON object : View
Products Affected
store-opart
- quote
CWE
CWE-639
Authorization Bypass Through User-Controlled Key