IDOR Get any Customer all invoices
get personal information of workers
Extract all users emails end with( @company.com ) with names in DB of Company users
Export Subscription Application Instance List ( with internal host ) and SupportCompanySearchCustomers
FULL access to all CUSTOMERS information including emails for all users in Company DataBase
External Guest without permission Can View pinned-collections Lists
External Guest without permission Can Share any collection with any user
External Guest Can View all projects in the company
External Guest Can Get all Company Users informations including Emails with Partner role
sensitive information disclosure in document user informations including user signature
