Full title: Platinum Mobile 1.0.4.850 Authorization Bypass Vulnerability Category: web applications Platform: asp Platinum Mobile version 1.0.4.850 has a broken access control. The mobile application connects to the company-specific server, which does not properly restrict the access to confidential data. Thus, an authenticated attacker can disclose the company's payroll, personal information of other employees without having appropriate privileges to do so. # 0day.today @ http://0day.today/