Medium severity4.3NVD Advisory· Published Aug 9, 2021· Updated Jun 17, 2026
CVE-2021-37215
CVE-2021-37215
Description
The employee management page of Flygo contains an Insecure Direct Object Reference (IDOR) vulnerability. After being authenticated as a general user, remote attacker can manipulate the user data and then over-write another employee’s user data by specifying that employee’s ID in the API parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Larvata Digital Technology Co. Ltd./FLYGOv5Range: unspecified
Patches
Vulnerability mechanics
References
1- www.twcert.org.tw/tw/cp-132-4992-dac66-1.htmlnvdThird Party Advisory
News mentions
0No linked articles in our index yet.