Summary
Paymenter has broken object level authorization via service reference manipulation on ticket creation
References
Related vulnerabilities
All Supply chain →- HIGHGHSA-P9F5-H3RX-J5QW
Gogs Missing Authorization in Attachment Download
- HIGHGHSA-35C4-RVC8-FRHM
Budibase: POST /api/attachments/:datasourceId/url is unauthenticated and lets anonymous callers mint S3 PUT pre-signed URLs using stored datasource IAM credentials
- MEDIUMGHSA-8J8M-P79X-G4JM
AVideo's Privilege Escalation via Unguarded Permission Parameters in signUp API Allows Self-Granting Upload/Stream/Meet Permissions
- MEDIUMGHSA-MXJX-28VX-XJJJ
Network-AI: ApprovalInbox HTTP server has no authentication — anyone can approve pending agent actions
- MEDIUMGHSA-MPC8-JXJH-QPGH
OpenClaw: Focus command could miss controlScope enforcement
- MEDIUMGHSA-72FW-CQH5-F324
OpenClaw: memory-wiki shared search could miss session visibility checks