Papermerge DMS Authorization Token Improper Authorization Vulnerability

Vulnerability

An improper authorization vulnerability has been identified in Papermerge DMS versions up to and including 3.5.3. It stems from an unknown processing flaw in the Authorization Token Handler component: manipulation of the authorization token leads to broken function-level authorization. The vulnerability can be exploited remotely, and a public proof-of-concept exploit is available.

Impact

Exploitation of this vulnerability allows authenticated users to bypass authorization controls, potentially leading to unauthorized actions such as deleting resources belonging to other users, thereby affecting data integrity and availability.

Reproduction

To reproduce this vulnerability, an authenticated user sends a request that includes a valid authorization token from a different account. By manipulating the authorization token in the request, the user can access and delete resources belonging to other users.
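The control whose absence the Impact and Reproduction sections describe is an object-level ownership check on the delete path: a valid token establishes which account is calling, but the server must separately confirm that account owns the resource before removing it. The following is an added illustration written for this page, not Papermerge code (the advisory does not disclose the actual flaw in the Authorization Token Handler); the token table, account names, document ids and the DocumentStore class are all constructed.

```python
"""Object-level authorization check for a delete operation.

Added illustration, not Papermerge code: the advisory does not disclose the
actual flaw in its Authorization Token Handler, so this only models the control
whose absence it describes. A valid token proves *who* is calling; the delete
must additionally prove that the caller owns the resource. All tokens, accounts
and documents below are constructed sample data.
"""
from __future__ import annotations

from dataclasses import dataclass


class PermissionDenied(Exception):
    """Raised when the token is unknown or the caller does not own the resource."""


class NotFound(Exception):
    """Raised when the resource id does not exist."""


@dataclass(frozen=True)
class Document:
    doc_id: str
    owner: str  # account that owns this document


# Constructed token -> account table; a real service would look this up in its
# token store and also check expiry and revocation.
TOKENS = {
    "tok-alice-1": "alice",
    "tok-bob-1": "bob",
}


def resolve_principal(token: str) -> str:
    """Authentication step: map the presented token to the account it was issued to."""
    try:
        return TOKENS[token]
    except KeyError:
        raise PermissionDenied("unknown or revoked token") from None


class DocumentStore:
    def __init__(self) -> None:
        self._docs: dict[str, Document] = {}
        # Audit trail of refused cross-account attempts; a SOC can alert on these.
        self.denials: list[dict] = []

    def add(self, doc: Document) -> None:
        self._docs[doc.doc_id] = doc

    def exists(self, doc_id: str) -> bool:
        return doc_id in self._docs

    def delete(self, token: str, doc_id: str) -> Document:
        """Delete doc_id on behalf of the token holder, only if they own it."""
        principal = resolve_principal(token)
        doc = self._docs.get(doc_id)
        if doc is None:
            raise NotFound(doc_id)
        # Authorization step: being authenticated is not enough; the caller must
        # be the owner. Check before any side effect so a denial changes nothing.
        if doc.owner != principal:
            self.denials.append({"principal": principal, "doc_id": doc_id, "owner": doc.owner})
            raise PermissionDenied(f"{principal} does not own {doc_id}")
        del self._docs[doc_id]
        return doc


def demo() -> tuple[bool, bool, int]:
    """Two cases: a cross-account delete is refused; the owner's delete succeeds."""
    store = DocumentStore()
    store.add(Document("doc-42", owner="alice"))
    cross_account_refused = False
    try:
        store.delete("tok-bob-1", "doc-42")  # valid token, wrong owner
    except PermissionDenied:
        cross_account_refused = True
    still_present = store.exists("doc-42")
    store.delete("tok-alice-1", "doc-42")  # owner's own token
    return cross_account_refused, still_present, len(store.denials)


if __name__ == "__main__":
    print(demo())  # (True, True, 1)
```

The design point is that the ownership comparison happens after the token is resolved and before any state changes, and that every refusal is recorded with the calling principal and the true owner; a burst of such denials from one principal is the detection signal for an attempt to exercise this class of flaw.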

Added: Sep 10, 2025, 7:24 PM
Updated: Sep 10, 2025, 7:24 PM

Vulnerability Rating

Custom Algorithm

  spread          1.9
  impact          5.0
  exploitability  6.6
  remediation     0.0
  relevance       0.5
  threat          6.4
  urgency         2.9
  incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.