CVE-2023-42334

Name of the Vulnerable Software and Affected Versions Fl3xx Dispatch version 2.10.37 fl3xx Crew version 2.10.37

Description An Indirect Object Reference (IDOR) issue allows a remote attacker to escalate privileges via the user parameter. This enables the attacker to potentially gain unauthorized access to sensitive information or perform actions that would normally be restricted.

Recommendations For Fl3xx Dispatch version 2.10.37, consider disabling the functionality that utilizes the user parameter until a patch is available. For fl3xx Crew version 2.10.37, restrict access to the component that uses the user parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.