Craftycontrol: >> Crafty Controller >> 4.10.3 Security Vulnerabilities
An insecure direct object reference vulnerability in the Users API component of Crafty Controller allows a remote, authenticated attacker to perform user modification actions via improper API permissions validation.
CVSS Score
9.0
EPSS Score
0.002
Published
2026-04-21