An API endpoint allowed access to sensitive files from other users by knowing the UUID of the file that were not intended to be accessible by UUID only.
CVSS
No CVSS.
References
Configurations
No configuration.
History
No history.
Information
Published : 2025-12-19 13:16
Updated : 2025-12-19 18:00
NVD link : CVE-2025-14882
Mitre link : CVE-2025-14882
CVE.ORG link : CVE-2025-14882
JSON object : View
Products Affected
No product.
CWE
CWE-639
Authorization Bypass Through User-Controlled Key