제출 #639750: Github Papermerge 3.5.3 Improper Access Controls정보

제목Github Papermerge 3.5.3 Improper Access Controls
설명Papermerge, developed by ciur, is vulnerable to Broken Function Level Authorization in its folder deletion functionality. A remote authenticated attacker can delete resources belonging to other users by supplying a valid authorization token from a different account. This allows unauthorized resource deletion, leading to loss of data integrity and availability.
원천⚠️ https://docs.google.com/document/d/19j0mCR-QOuhlxAJMir00Z8_MZdydVdmE_Ak09ra2NHw/edit?usp=sharing
사용자
 unhingedazrael (UID 89347)
제출2025. 08. 22. AM 09:37 (10 개월 ago)
모더레이션2025. 09. 10. PM 12:09 (19 days later)
상태수락
VulDB 항목323482 [Papermerge DMS 까지 3.5.3 Authorization Token 권한 상승]
포인트들18

이전개요다음

Interested in the pricing of exploits?

See the underground prices here!