API key is not validated for C.R.M integration [Pipedrive] of LOGGED IN USER, A user can use another USER'S API key for this operation.

Disclosed: 2020-08-20 14:16:16 By xploiterr To dropcontact
Medium
Vulnerability Details
No vulnerability description provided or it is restricted.
Actions
View on HackerOne
Report Stats
  • Report ID: 962033
  • State: Closed
  • Substate: resolved
  • Upvotes: 4
Share this report