An Insecure Direct Object Reference (IDOR) vulnerability exists in docuForm GmbH Client v.11.11c allowing a remote attacker to execute arbitrary code via the user settings component, and modify or retrieve sensitive data associated with other users’ accounts.
Metrics
Affected Vendors & Products
References
History
Fri, 10 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Fri, 10 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Insecure Direct Object Reference Allows Remote Code Execution and Data Access in DocuForm Client | |
| Weaknesses | CWE-639 |
Fri, 10 Jul 2026 10:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Docuform
Docuform client |
|
| Vendors & Products |
Docuform
Docuform client |
Thu, 09 Jul 2026 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An Insecure Direct Object Reference (IDOR) vulnerability exists in docuForm GmbH Client v.11.11c allowing a remote attacker to execute arbitrary code via the user settings component, and modify or retrieve sensitive data associated with other users’ accounts. | |
| References |
|
Status: PUBLISHED
Assigner: mitre
Published: 2026-07-09T00:00:00.000Z
Updated: 2026-07-10T15:32:15.156Z
Reserved: 2026-06-08T00:00:00.000Z
Link: CVE-2026-51923
Updated: 2026-07-10T15:31:52.443Z
No data.
No data.