Vulnerabilities > CVE-2024-11216
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
LOW Availability impact
LOW Summary
Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK Pik Online allows Account Footprinting, Session Hijacking.This issue affects Pik Online: through 05.03.2025. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.