陳昱昇

**Name of the Vulnerable Software and Affected Versions** OMICARD EDM (affected versions not specified) **Description** An Insecure Direct Object Reference (IDOR) issue exists, which is a type of access control flaw that occurs when an application provides direct access to objects based on user-supplied input. This allows unauthenticated remote attackers to modify a specific parameter to obtain the email addresses of users. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.