Micro Focus Security Bulletin MFSBGN03835 1 - The SSC REST API contains Insecure Direct Object Reference (IDOR) vulnerabilities that allow authenticated users access to arbitrary details of the Local and LDAP users via POST method and to arbitrary details of other user's Fortify projects via GET method. Revision 1 of this advisory.
78602ef0efd0605008f1fbce59841d535c41dd7f6c75375c80f990b66f399b5c
Fortify Software Security Center versions 17.10, 17.20, and 18.10 suffer from an insecure direct object reference vulnerability related to user projects.
d6e235c49d00e4d533f28b00647cf63de21e373e8951706d91b44ddbf61ed5c4