Home / exploits OpenAsset Digital Asset Management Insecure Direct Object Reference
Posted on 12 December 2020
OpenAsset Digital Asset Management was found to provide several endpoints which allowed for unauthenticated data retrieval in a CSV format. Vulnerable versions include 12.0.19 (Cloud) and 11.2.1 (On-premise).
