| Summary | An insecure direct object reference in MK-Auth 23.01K4.9 allows attackers to access and send support calls for other users via manipulation of the chamado parameter through a crafted GET request. |
|---|---|
| Publication Date | May 13, 2026, 1:16 a.m. |
| Registration Date | May 13, 2026, 4:12 a.m. |
| Last Update | May 13, 2026, 1:16 a.m. |