CVE-2017-9421
The CVE-2017-9421 issue affects Accellion kiteworks prior to 2017.01.00. A remote attacker can bypass authentication by using a token gathered via a POST to /oauth/token to perform certain API calls on behalf of a web user. The root cause is an authentication bypass linked to token handling in th...