Full title: OpenAsset Digital Asset Management Insecure Direct Object Reference Vulnerability Category: web applications Platform: php OpenAsset Digital Asset Management was found to provide several endpoints which allowed for unauthenticated data retrieval in a CSV format. Vulnerable versions include 12.0.19 (Cloud) and 11.2.1 (On-premise). # 0day.today @ http://0day.today/