5 matches found
CVE-2025-27101
Opal is OBiBa’s core database application for biobanks or epidemiological studies. Prior to version 5.1.1, when copying any parent directory to a folder in the /temp/ directory, all files in that parent directory are copied, including files which the user should not have access to. All users of t...
CVE-2025-27101
creationtimestamp| type| source ---|---|--- 2025-03-11 21:39:49+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7246...
CVE-2025-27101 Broken Access Control in Opal filesystem's copy functionality exposes all user data
Opal is OBiBa’s core database application for biobanks or epidemiological studies. Prior to version 5.1.1, when copying any parent directory to a folder in the /temp/ directory, all files in that parent directory are copied, including files which the user should not have access to. All users of t...
CVE-2025-27101 Broken Access Control in Opal filesystem's copy functionality exposes all user data
Opal is OBiBa’s core database application for biobanks or epidemiological studies. Prior to version 5.1.1, when copying any parent directory to a folder in the /temp/ directory, all files in that parent directory are copied, including files which the user should not have access to. All users of t...
CVE-2025-27101
CVE-2025-27101 — Opal filesystem copy path traversal / access control issue : Opal (OBiBa) before version 5.1.1 exposes files from a user’s directory when copying any parent directory to a folder under /temp/. This flaw allows any user (including low-privilege DataShield users) to access files th...