Vulnerabilities > Economizzer > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-28 | CVE-2023-38872 | Authorization Bypass Through User-Controlled Key vulnerability in Economizzer 0.9/April2023 An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1 allows any unauthenticated attacker to access cash book entry attachments of any other user, if they know the Id of the attachment. | 3.7 |