CVE-2023-2544 Information

Description

Authorization bypass vulnerability in UPV PEIX affecting the component \pdf_curri_new.php. Through a POST request an authenticated user could change the ID parameter to retrieve all the stored information of other registered users.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix