CVE-2026-10597

MEDIUM NVD

CVSS Score 5.3

Severity MEDIUM

Published Jun 04, 2026

Vendor unknown

Description

OMICARD EDM developed by ITPison has a Insecure Direct Object Reference vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to obtain user's email address.

References

https://www.twcert.org.tw/en/cp-139-10948-78864-2.html
https://www.twcert.org.tw/tw/cp-132-10947-027a7-1.html