VYPR
High severity8.6NVD Advisory· Published Sep 18, 2020· Updated Jun 17, 2026

CVE-2020-15958

CVE-2020-15958

Description

An issue was discovered in 1CRM System through 8.6.7. An insecure direct object reference to internally stored files allows a remote attacker to access various sensitive information via an unauthenticated request with a predictable URL.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1
  • 1CRM System/1CRM Systemdescription

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.