Hello, we did a penetration tests to our seafile and we found some problems. Do you guys know how to prevent them ? First one is IDOR and second one is httponly flag in nginx.
IDOR links
Insecure Direct Object Reference (IDOR) Vulnerabilities in Brief https:// cheatsheetseries.owasp. org/cheatsheets/Insecure_Direct_Object_Reference_Prevention_Cheat_Sheet.html