Layno

**Name of the Vulnerable Software and Affected Versions** Prestashop Opart devis versions prior to 4.0.2 **Description** An Insecure Direct Object Reference (IDOR) issue allows unauthenticated attackers to access any user's invoice and delivery address by exploiting the `delivery address` and `invoice address` fields. **Recommendations** For Prestashop Opart devis versions prior to 4.0.2, update to version 4.0.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `delivery address` and `invoice address` fields until a patch is applied.