Note Mark Broken Access Control Vulnerability in Asset Download Endpoint
Vulnerability
A broken access control vulnerability has been identified in Note Mark, an open-source note-taking application, in versions through 0.19.1. The vulnerability exists in the asset download endpoint, which is not protected by authentication middleware. As a result, an unauthenticated user who knows a valid note ID and asset ID can access the full contents of private note assets, regardless of the associated book's visibility. This issue has been fixed in version 0.19.2.
Impact
Exploitation of this vulnerability allows unauthenticated users to access private note assets through the asset download endpoint, leading to unauthorized disclosure of sensitive information.
Reproduction
To reproduce this vulnerability, create a private note and attach an asset to it. Then, request the asset download endpoint using the note ID and asset ID without authentication. The server will respond with the asset content, demonstrating the broken access control.
Remediation
Users can upgrade to Note Mark version 0.19.2 to address this vulnerability.
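For developers auditing similar download endpoints, the following Go example contrasts a handler with no access check against one that serves an asset only when the parent book is public or the caller owns it. It is an added illustration, not Note Mark's code: the /assets/{note}/{asset} route, the sessions token map, the function names and the sample data are all assumptions.

```go
// Added example: every name, route and value here is hypothetical.
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

type asset struct {
	owner, body string // owner of the parent book; asset contents
	publicBook  bool   // visibility of the parent book
}

// Constructed sample data, keyed by "noteID/assetID".
var assets = map[string]asset{
	"n1/a1": {owner: "alice", body: "private-scan", publicBook: false},
	"n2/a2": {owner: "alice", body: "public-logo", publicBook: true},
}

// Stand-in for real session or token validation (assumption).
var sessions = map[string]string{"Bearer alice-token": "alice"}

// download: enforce=false has no check; enforce=true needs a public book or its owner.
func download(enforce bool) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		a, ok := assets[strings.TrimPrefix(r.URL.Path, "/assets/")]
		user := sessions[r.Header.Get("Authorization")]
		if !ok || (enforce && !a.publicBook && user != a.owner) {
			http.NotFound(w, r) // same 404 for missing and forbidden IDs
			return
		}
		fmt.Fprint(w, a.body)
	}
}

// status sends one GET to the handler and returns the response code.
func status(enforce bool, path, token string) int {
	req := httptest.NewRequest("GET", path, nil)
	req.Header.Set("Authorization", "Bearer "+token)
	rec := httptest.NewRecorder()
	download(enforce)(rec, req)
	return rec.Code
}

func main() {
	fmt.Println(status(false, "/assets/n1/a1", ""), status(true, "/assets/n1/a1", ""))
}
```

Keeping the anonymous-request assertions as a regression test catches a route that is later registered outside the authentication middleware.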
