Multiple API endpoints allowed access to sensitive files from other users by knowing the UUID of the file that were not intended to be accessible by UUID only.
CVSS
No CVSS.
References
Configurations
No configuration.
History
No history.
Information
Published : 2025-12-19 13:16
Updated : 2025-12-19 18:00
NVD link : CVE-2025-14881
Mitre link : CVE-2025-14881
CVE.ORG link : CVE-2025-14881
JSON object : View
Products Affected
No product.
CWE
CWE-639
Authorization Bypass Through User-Controlled Key