eyecomms eyeCMS Incorrect Authorization Vulnerability
A mass assignment vulnerability in eyecomms eyeCMS through 2019-10-15 allows any candidate to take over another candidate’s account via a modified candidate id and an additional password parameter.
The information has been provided by Vendor
The original article can be found at:http://www.eyecomms.com/Products/eyeCMS.html
The outcome is that the password of this other candidate is changed.