CVE-2024-10439

The eHRD CTMS from Sunnet has an Insecure Direct Object Reference (IDOR) vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to access arbitrary files uploaded by any user. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt