CVE-2022-24385 - Information disclosure via direct object access on SmarterTrack v100.0.8019.14010

CVE	CVE-2022-24385
Case	DIVD-2021-00029
Discovered by	Wietse Boonstra
Credits	Discovered by Wietse Boonstra of DIVD
Products	SmarterTools: SmarterTrack
Versions	SmarterTools: SmarterTrack 100.x (< Build 8075)
Page author	Frank Breedijk
CVSS	Base score: 6.5
References	https://csirt.divd.nl/DIVD-2021-00029 https://csirt.divd.nl/CVE-2022-24385
Last modified	20 Jun 2022 09:35

Description

A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure

This issue affects: SmarterTools SmarterTrack 100.0.8019.14010.

JSON version