Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Múltiples vulnerabilidades en Negotiator de BBMRI-ERIC
Vulnerability Description
Insecure Direct Object Reference (IDOR) in Negotiator v3.15.2 from Biobanking and Biomolecular Resources - European Research Infrastructure (BBMRI-ERIC). This vulnerability allows an attacker to access or modify unauthorised resources by manipulating requests that use the 'userID' parameter in '/api/v3/users/<userID>', which may result in the exposure or alteration of sensitive data
CVSS Information
N/A
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
BBMRI-ERIC Negotiator 安全漏洞
Vulnerability Description
BBMRI-ERIC Negotiator是奥地利BBMRI-ERIC公司的一个生物样本库访问工具。 BBMRI-ERIC Negotiator v3.15.2版本存在安全漏洞,该漏洞源于对userID参数操作不当,可能导致不安全的直接对象引用攻击。
CVSS Information
N/A
Vulnerability Type
N/A