CVE-2023-45892

Name of the Vulnerable Software and Affected Versions Floorsight Insights version Q3 2023

Description An issue in the Order and Invoice pages allows an unauthenticated remote attacker to view sensitive customer information.

Recommendations For Floorsight Insights version Q3 2023, consider restricting access to the Order and Invoice pages until a fix is available. As a temporary workaround, limit the information displayed on these pages to minimize the risk of sensitive data exposure. At the moment, there is no information about a newer version that contains a fix for this issue.