VYPR
Moderate severityNVD Advisory· Published Mar 13, 2024· Updated Dec 4, 2024

CVE-2023-36238

CVE-2023-36238

Description

Insecure Direct Object Reference (IDOR) in Bagisto v.1.5.1 allows an attacker to obtain sensitive information via the invoice ID parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
bagisto/bagistoPackagist
< 1.3.21.3.2

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.