Vulnerabilities

CVE-2025-55886

by Fred · 22/09/2025

An Insecure Direct Object Reference (IDOR) vulnerability was discovered in ARD. The flaw exists in the `fe_uid` parameter of the payment history API endpoint. An authenticated attacker can manipulate this parameter to access the payment history of other users without authorization.

More information : https://github.com/0xZeroSec/CVE-2025-55886

Similar

Tags: Cybersecurity Alert