CVE-2024-50633 Information

Description

A Broken Object Level Authorization (BOLA) vulnerability in Indico v3.2.9 allows attackers to access sensitive information via sending a crafted POST request to the component /api/principals.

Reference

https://github.com/cetinpy/CVE-2024-50633