CVE-2020-36920

Name of the Vulnerable Software and Affected Versions iDS6 DSSPro Digital Signage System version 6.2

Description Improper access control allows authenticated users to elevate privileges using console JavaScript functions. By exploiting insecure direct object references (IDOR), which occur when an application provides direct access to objects based on user-supplied input, attackers can create users, modify roles and permissions, and potentially achieve full application takeover.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.