Missing Authorization Vulnerability in Vaultize Enterprise File Sharing 17.05.31 Allows Unauthorized File Export

Missing Authorization Vulnerability in Vaultize Enterprise File Sharing 17.05.31 Allows Unauthorized File Export

CVE-2018-10207 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. An attacker can exploit Missing Authorization on the FlexPaperViewer SWF reader, and export files that should have been restricted, via vectors involving page-by-page access to a document in SWF format.

Learn more about our Web Application Penetration Testing UK.