IDOR is when an application exposes internal objects (like user IDs, files, or records) in a way that lets users access data they shouldn’t, for example, by simply changing a value in the URL. IDOR is ...

More than 64 million McDonald’s job applicants across the United States may have had their personal information exposed after cybersecurity researchers discovered serious security vulnerabilities in ...

Cybersecurity researchers discovered a vulnerability in McHire, McDonald's chatbot job application platform, that exposed the chats of more than 64 million job applications across the United States.

A security flaw in McHire allowed access to sensitive applicant data via default admin credentials and a vulnerable API. The issue was patched swiftly after disclosure. A security oversight in ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Vivek Yadav, an engineering manager from ...

Cisco published 10 security advisories detailing over a dozen vulnerabilities, including two high-severity flaws in its Identity Services Engine (ISE) and Unified Intelligence Center. Cisco on ...

Pull requests help you collaborate on code with other people. As pull requests are created, they’ll appear here in a searchable and filterable list. To get started, you should create a pull request.

Dependabot alerts are not supported on this advisory because it does not have a package from a supported ecosystem with an affected and fixed version.

Insecure Direct Object Reference vulnerabilities provide a threat to healthcare organizations by potentially compromising access controls for electronic health records and provider payments systems.