5 matches found
CVE-2023-46666
An issue was discovered when using Document Level Security and the SPO "Limited Access" functionality in Elastic Sharepoint Online Python Connector. If a user is assigned limited access permissions to an item on a Sharepoint site then that user would have read permissions to all content on the...
CVE-2023-46666
Summary: CVE-2023-46666 affects Elastic Sharepoint Online Python Connector. The issue arises when using Document Level Security with the SPO “Limited Access” feature: a user granted limited access to a single item could read all content on the SharePoint site through Elasticsearch. Affected compo...
CVE-2023-46666 Elastic Sharepoint Online Python Connector Improper Access Control
An issue was discovered when using Document Level Security and the SPO "Limited Access" functionality in Elastic Sharepoint Online Python Connector. If a user is assigned limited access permissions to an item on a Sharepoint site then that user would have read permissions to all content on the...
CVE-2023-46666 Elastic Sharepoint Online Python Connector Improper Access Control
An issue was discovered when using Document Level Security and the SPO "Limited Access" functionality in Elastic Sharepoint Online Python Connector. If a user is assigned limited access permissions to an item on a Sharepoint site then that user would have read permissions to all content on the...
Elastic Sharepoint Online Python Connector v8.10.3.0 Security Update
Elastic Sharepoint Online Python Connector Improper Access Control ESA-2023-18 An issue was discovered when using Document Level Security and the SPO "Limited Access" functionality in Elastic Sharepoint Online Python Connector. If a user is assigned limited access permissions to an item on a...