CVE-2024-27630 Information

Description

Insecure Direct Object Reference (IDOR) in GNU Savane v.3.12 and before allows a remote attacker to delete arbitrary files via crafted input to the trackers_data_delete_file function.

Reference

https://medium.com/%40allypetitt/how-i-found-3-cves-in-2-days-8a135eb924d3