You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As of now Edit/Modify Non-Sensitive Information IDOR is categorized as P5. Suppose I am editing a cross tenant record where I don't have the access, it is medium critical and it should have a higher severity.
If I'm editing/modifying a iterate Non-Sensitive Information, then the impact is much higher than we imagine. As per the vulnerability rating taxonomy, all IDOR's except Read Non-Sensitive Information should be having minimum priority of P4.
Please try to do immediate changes in the classification.
The text was updated successfully, but these errors were encountered:
As of now Edit/Modify Non-Sensitive Information IDOR is categorized as P5. Suppose I am editing a cross tenant record where I don't have the access, it is medium critical and it should have a higher severity.
If I'm editing/modifying a iterate Non-Sensitive Information, then the impact is much higher than we imagine. As per the vulnerability rating taxonomy, all IDOR's except Read Non-Sensitive Information should be having minimum priority of P4.
Please try to do immediate changes in the classification.
The text was updated successfully, but these errors were encountered: