3 matches found
CVE-2022-37774
There is a broken access control vulnerability in the Maarch RM 2.8.3 solution. When accessing some specific document pdf, email from an archive, a preview is proposed by the application. This preview generates a URL including an md5 hash of the file accessed. The document's URL https://url/tmp/M...
CVE-2022-37774
CVE-2022-37774 affects Maarch RM 2.8.3. A broken access-control flaw allows unauthenticated access to previews of certain documents (PDFs/emails) via a generated URL containing the MD5 hash, e.g. https://{url}/tmp/{MD5}. This URL can disclose the document without authentication, constituting a co...
CVE-2022-37774
There is a broken access control vulnerability in the Maarch RM 2.8.3 solution. When accessing some specific document pdf, email from an archive, a preview is proposed by the application. This preview generates a URL including an md5 hash of the file accessed. The document's URL https://url/tmp/M...