Vulnerability Details CVE-2022-27247
onlinetolls in cdSoft Onlinetools-Smart Winhotel.MX 2021 allows an attacker to download sensitive information about any customer (e.g., data of birth, full address, mail information, and phone number) via GastKont Insecure Direct Object Reference.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.7%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
Products affected by CVE-2022-27247
-
cpe:2.3:a:cdsoft:winhotel.mx:2021