Chicv Management System Login version 4.5.6 suffers from an insecure direct object reference vulnerability.