Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An Insecure Direct Object Reference issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make a GET request to a certain URL and obtain information that should be provided to authenticated users only.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CIPPlanner CIPAce 信息泄露漏洞
Vulnerability Description
CIPPlanner CIPAce是美国CIPPlanner公司的一套业务流程自动化和应用程序开发平台。 CIPPlanner CIPAce 9.1 Build 2019092801版本中存在安全漏洞。攻击者可通过发送GET请求利用该漏洞获取提供给认证用户的信息。
CVSS Information
N/A
Vulnerability Type
N/A