Home

Description

An Insecure Direct Object Reference (IDOR) vulnerability exists in docuForm GmbH Client v.11.11c allowing a remote attacker to execute arbitrary code via the user settings component, and modify or retrieve sensitive data associated with other users’ accounts.

PUBLISHED Reserved 2026-06-08 | Published 2026-07-09 | Updated 2026-07-10 | Assigner mitre

References

ZeroBreach.de

docuform.de

gist.github.com/ZeroBreach-GmbH

cve.org (CVE-2026-51923)

nvd.nist.gov (CVE-2026-51923)

Download JSON