An issue was discovered in tangro Business Workflow before 1.18.1. No (or broken) access control checks exist on the /api/document/<DocumentID>/attachments API endpoint. Knowing a document ID, an attacker can list all the attachments of a workitem, including their respective IDs. This allows the attacker to gather valid attachment IDs for workitems that do not belong to them.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-12-18T09:26:48

Updated: 2024-08-04T15:49:07.145Z

Reserved: 2020-09-30T00:00:00

Link: CVE-2020-26176

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-12-18T10:15:13.087

Modified: 2024-11-21T05:19:27.233

Link: CVE-2020-26176

cve-icon Redhat

No data.