Auth bypass in Microrealestate
CVE-2026-57868
MicroRealEstate is affected by broken object-level access controls in PDF generator functionality. This issue affects MicroRealEstate: through 1.0.0-alpha3.
Vulnerability class: IDOR (Insecure Direct Object Reference)
Affected products
- Microrealestate — versions 0
Weakness classification (CWE)
References
- vdp@themissinglink.com.au (product)
- vdp@themissinglink.com.au (third-party-advisory)