Cbx216

**Name of the Vulnerable Software and Affected Versions** Newgen OmniDocs version 11.0 **Description** An unauthenticated Broken Function Level Authorization (BFLA) exists in Newgen OmniDocs v11.0. This allows attackers to obtain sensitive information and execute a full account takeover by sending a specially crafted API request. The vulnerability occurs due to insufficient authorization checks, enabling unauthorized access to functionality. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.