CVE-2023-50872 Information

Description

The API in Accredible Credential.net December 6th 2023 allows an Insecure Direct Object Reference attack that discloses partial information about certificates and their respective holder. NOTE: the excellium-services.com web page about this issue mentions \Vendor says that it’s not a security issue.\

Reference

https://help.accredible.com/accredible-product-release-notes https://excellium-services.com/cert-xlm-advisory/CVE-2023-50872