PT-2024-35745 · Ragflow · Ragflow

Name of the Vulnerable Software and Affected Versions: RAGFlow version 0.13.0 Description: The issue is related to improper access control in the document-hooks.ts file, which allows unauthorized access to user documents. Recommendations: For RAGFlow version 0.13.0, consider restricting access to...

Vulnerability fixed in Elasticsearch

Elastic has fixed a vulnerability in Elasticsearch. A remote malicious party could potentially exploit the vulnerability to gain access to sensitive data. The vulnerability is in the way Document or Field permissions are applied. A malicious party can view recently modified documents because they...

Microsoft Office: Never allow users to specify groups when restricting permission for documents

This test checks the setting for policy OpenVAS Vulnerability Test $Id: officeneverallowdls.nasl 11843 2018-10-11 14:33:21Z emoss $ Check value for Document Info Beaconing UI Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program is free...