2 matches found
CVE-2025-35056
Newforma Info Exchange NIX '/UserWeb/Common/MarkupServices.ashx' 'StreamStampImage' accepts an encrypted file path and returns an image of the specified file. An authenticated attacker can read arbitrary files subject to the privileges of NIX, typically 'NT AUTHORITY\NetworkService', and the...
PT-2025-41472
Name of the Vulnerable Software and Affected Versions Newforma Info Exchange NIX affected versions not specified Description The software contains a flaw in the '/UserWeb/Common/MarkupServices.ashx' endpoint, specifically within the StreamStampImage function. This function processes encrypted fil...