GHSA-2rhx-q7hx-f25rHigh

Broken object-level access controls and the use of a deterministic pattern during random ID...

Published
July 7, 2026
Last Modified
July 7, 2026

🔗 CVE IDs covered (1)

📋 Description

Broken object-level access controls and the use of a deterministic pattern during random ID generation in MicroRealEstate allows attackers to access documents uploaded by landlords or tenants without authorization.

This issue affects MicroRealEstate: through 1.0.0-alpha3.

🔗 References (4)