• Report: May 2019
• Fix: May 2019
• Credit: B3Bo1d

Temenos CWX version 8.9 has an Broken Access Control vulnerability in the module /CWX/Employee/EmployeeEdit2.aspx, leading to the viewing of user information.

Before After

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13403