Search criteria
2 vulnerabilities by papermerge
CVE-2025-10209 (GCVE-0-2025-10209)
Vulnerability from cvelistv5 – Published: 2025-09-10 18:32 – Updated: 2025-09-10 18:49
VLAI?
Title
Papermerge DMS Authorization Token improper authorization
Summary
A security flaw has been discovered in Papermerge DMS up to 3.5.3. This issue affects some unknown processing of the component Authorization Token Handler. Performing manipulation results in improper authorization. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Papermerge | DMS |
Affected:
3.5.0
Affected: 3.5.1 Affected: 3.5.2 Affected: 3.5.3 |
Credits
unhingedazrael (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10209",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-10T18:49:55.727404Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T18:49:58.764Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://docs.google.com/document/d/19j0mCR-QOuhlxAJMir00Z8_MZdydVdmE_Ak09ra2NHw/edit?tab=t.0"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Authorization Token Handler"
],
"product": "DMS",
"vendor": "Papermerge",
"versions": [
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.5.2"
},
{
"status": "affected",
"version": "3.5.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "unhingedazrael (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in Papermerge DMS up to 3.5.3. This issue affects some unknown processing of the component Authorization Token Handler. Performing manipulation results in improper authorization. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In Papermerge DMS bis 3.5.3 wurde eine Schwachstelle gefunden. Hierbei betrifft es unbekannten Programmcode der Komponente Authorization Token Handler. Die Ver\u00e4nderung resultiert in improper authorization. Der Angriff l\u00e4sst sich \u00fcber das Netzwerk starten. Die Schwachstelle wurde \u00f6ffentlich offengelegt und k\u00f6nnte ausgenutzt werden."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.5,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T18:32:06.527Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-323482 | Papermerge DMS Authorization Token improper authorization",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.323482"
},
{
"name": "VDB-323482 | CTI Indicators (IOB, IOC, TTP)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.323482"
},
{
"name": "Submit #639750 | Github Papermerge 3.5.3 Improper Access Controls",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.639750"
},
{
"tags": [
"exploit"
],
"url": "https://docs.google.com/document/d/19j0mCR-QOuhlxAJMir00Z8_MZdydVdmE_Ak09ra2NHw/edit?usp=sharing"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-09-10T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-09-10T12:14:26.000Z",
"value": "VulDB entry last update"
}
],
"title": "Papermerge DMS Authorization Token improper authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-10209",
"datePublished": "2025-09-10T18:32:06.527Z",
"dateReserved": "2025-09-10T10:09:09.250Z",
"dateUpdated": "2025-09-10T18:49:58.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-29456 (GCVE-0-2020-29456)
Vulnerability from cvelistv5 – Published: 2020-12-02 07:50 – Updated: 2024-08-04 16:55
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document's filename. If email consumption is configured in Papermerge, a malicious document can be sent by email and is automatically uploaded into the Papermerge web application. Therefore, no authentication is required to exploit XSS if email consumption is configured. Otherwise authentication is required.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:55:10.636Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.papermerge.com/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ciur/papermerge/issues/228"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/ciur/papermerge/releases/tag/v1.5.2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document\u0027s filename. If email consumption is configured in Papermerge, a malicious document can be sent by email and is automatically uploaded into the Papermerge web application. Therefore, no authentication is required to exploit XSS if email consumption is configured. Otherwise authentication is required."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-02T07:50:23",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.papermerge.com/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ciur/papermerge/issues/228"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/ciur/papermerge/releases/tag/v1.5.2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-29456",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. The payload can be in a folder, a tag, or a document\u0027s filename. If email consumption is configured in Papermerge, a malicious document can be sent by email and is automatically uploaded into the Papermerge web application. Therefore, no authentication is required to exploit XSS if email consumption is configured. Otherwise authentication is required."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.papermerge.com/",
"refsource": "MISC",
"url": "https://www.papermerge.com/"
},
{
"name": "https://github.com/ciur/papermerge/issues/228",
"refsource": "MISC",
"url": "https://github.com/ciur/papermerge/issues/228"
},
{
"name": "https://github.com/ciur/papermerge/releases/tag/v1.5.2",
"refsource": "MISC",
"url": "https://github.com/ciur/papermerge/releases/tag/v1.5.2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-29456",
"datePublished": "2020-12-02T07:50:23",
"dateReserved": "2020-12-02T00:00:00",
"dateUpdated": "2024-08-04T16:55:10.636Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}