OMICARD EDM developed by ITPison has a Insecure Direct Object Reference vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to obtain user's email address.Referenceshttps://www.twcert.org.tw/tw/cp-132-10947-027a7-1.htmlhttps://www.twcert.org.tw/en/cp-139-10948-78864-2.html
