Name of the Vulnerable Software and Affected Versions:

Agenzia Impresa Eccobook versions prior to 2.81.2

Description:

An Insecure Direct Object Reference (IDOR) vulnerability exists in the PdfHandler component. This allows unauthenticated attackers to read confidential documents. The vulnerability is triggered through the `DocumentoId` parameter.

Recommendations:

Update Agenzia Impresa Eccobook to a version prior to 2.81.2.