Medium severity6.5NVD Advisory· Published Mar 24, 2023· Updated Jun 17, 2026
CVE-2023-24625
CVE-2023-24625
Description
Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an Insecure Direct Object Reference (IDOR) attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Faveo/Faveodescription
Patches
Vulnerability mechanics
References
3- cupc4k3.lol/cve-2023-24625-idor-in-faveo-service-desk-37a63f53d896nvdExploitThird Party Advisory
- www.faveohelpdesk.com/servicedesk/nvdProduct
- medium.com/%40cupc4k3/vulnerabilities-in-faveo-service-desk-37a63f53d896nvd
News mentions
0No linked articles in our index yet.