Grist-Core Insufficient Access Control Vulnerability in Document Comparison Endpoint
Vulnerability
A vulnerability exists in Grist-Core versions prior to 1.7.6, allowing users with partial read access to documents to access the '/compare' endpoint. This endpoint could be used to retrieve hashes of document versions and a complete list of changes between those versions, including details about cells, columns, or tables that the user was not authorized to view. The issue has been addressed in version 1.7.6 by restricting the '/compare' endpoint to users with full read access.
Impact
Exploitation of this vulnerability could lead to unauthorized access to sensitive document history and changes, including information that the user was not permitted to read.
Remediation
Users are advised to upgrade to Grist-Core version 1.7.6 or later. For those unable to upgrade, sensitive document history can be removed using the '/states/remove' endpoint, or the '/compare' endpoint can be blocked.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.