Ángel González

**Name of the Vulnerable Software and Affected Versions** BOLD Workplanner versions prior to 2.5.25 **Description** An Insecure Direct Object Reference (IDOR) issue exists in BOLD Workplanner. The problem stems from insufficient validation of user input, potentially allowing an authenticated user to access calendar details using unauthorized internal identifiers. **Recommendations** Update BOLD Workplanner to version 2.5.25 or later.

**Name of the Vulnerable Software and Affected Versions** BOLD Workplanner versions prior to 2.5.25 **Description** An Insecure Direct Object Reference (IDOR) issue exists in BOLD Workplanner. The problem stems from insufficient validation of user input, potentially allowing an authenticated user to access time record details using unauthorized internal identifiers. **Recommendations** Update BOLD Workplanner to version 2.5.25 or later.

**Name of the Vulnerable Software and Affected Versions** BOLD Workplanner versions prior to 2.5.25 **Description** An Insecure Direct Object Reference (IDOR) issue exists in BOLD Workplanner. The problem stems from insufficient validation of user input, potentially allowing an authenticated user to access basic contract details using unauthorized internal identifiers. **Recommendations** Update BOLD Workplanner to version 2.5.25 or later.

**Name of the Vulnerable Software and Affected Versions** BOLD Workplanner versions prior to 2.5.25 **Description** An Insecure Direct Object Reference (IDOR) issue exists in BOLD Workplanner. The problem stems from insufficient validation of user input, potentially allowing an authenticated user to access contract details using unauthorized internal identifiers. **Recommendations** Update BOLD Workplanner to version 2.5.25 or later.

**Name of the Vulnerable Software and Affected Versions** BOLD Workplanner versions prior to 2.5.25 **Description** An Insecure Direct Object Reference (IDOR) issue exists in BOLD Workplanner. The problem stems from insufficient validation of user input, potentially allowing an authenticated user to access planning counter details using unauthorized internal identifiers. **Recommendations** Update BOLD Workplanner to version 2.5.25 or later.

**Name of the Vulnerable Software and Affected Versions** BOLD Workplanner versions prior to 2.5.25 **Description** An Insecure Direct Object Reference (IDOR) issue exists in BOLD Workplanner. The problem stems from insufficient validation of user input, potentially allowing an authenticated user to access contract details dates using unauthorized internal identifiers. **Recommendations** Update BOLD Workplanner to version 2.5.25 or later.

**Name of the Vulnerable Software and Affected Versions** BOLD Workplanner versions prior to 2.5.25 **Description** An Insecure Direct Object Reference (IDOR) issue exists in BOLD Workplanner. The problem stems from insufficient validation of user input, potentially allowing an authenticated user to access basic employee details using unauthorized internal identifiers. **Recommendations** Update BOLD Workplanner to version 2.5.25 or later.

**Name of the Vulnerable Software and Affected Versions** BOLD Workplanner versions prior to 2.5.25 **Description** An Insecure Direct Object Reference (IDOR) issue exists in BOLD Workplanner. The problem stems from insufficient validation of user input, which allows an authenticated user to access a list of permissions using unauthorized internal identifiers. **Recommendations** Update BOLD Workplanner to version 2.5.25 or later.

**Name of the Vulnerable Software and Affected Versions** BOLD Workplanner versions prior to 2.5.25 **Description** An Insecure Direct Object Reference (IDOR) issue exists in BOLD Workplanner. The issue involves a misuse of the general enquiry web service. **Recommendations** Update to version 2.5.25 or later.