Subex ROC Partner Settlement 10.5 Insecure Direct Object Reference
Posted on 14 April 2020
Subex ROC Partner Settlement version 10.5 suffers from an insecure direct object reference vulnerability in the change password function that can allow for account takeover.
