
Secur30Nly

#48449 of 53,625
5.3 Total CVSS
Vulnerabilities · 1
PT-2024-22678
5.3
2024-03-29
Unknown · Jumpserver · CVE-2024-29024
**Name of the Vulnerable Software and Affected Versions**

JumpServer versions prior to 3.10.6

**Description**

The issue allows an authenticated user to exploit the Insecure Direct Object Reference (IDOR) vulnerability in the file manager's bulk transfer by manipulating job IDs to upload malicious files, potentially compromising the integrity and security of the system.

**Recommendations**

For versions prior to 3.10.6, update to version 3.10.6 to resolve the issue. As a temporary workaround, consider restricting access to the file manager's bulk transfer feature to minimize the risk of exploitation.