Opart Devis < 4.0.2 - Unauthenticated Insecure Direct Object Reference via Delivery and Invoice Address Fields
An Insecure Direct Object Reference (IDOR) vulnerability was found in Prestashop Opart devis < 4.0.2. Unauthenticated attackers can have access to any user's invoice and delivery address by exploiting an IDOR on the delivery_address and invoice_address fields.