CVE-2025-10209 | Papermerge DMS up to 3.5.3 Authorization Token improper authorization

Inserito da Angelo Barbosa | Set 10, 2025 | CVE

A vulnerability marked as critical has been reported in Papermerge DMS up to 3.5.3. This issue affects some unknown processing of the component Authorization Token Handler. Performing manipulation results in improper authorization.

This vulnerability is identified as CVE-2025-10209. The attack can be initiated remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-10209 | Papermerge DMS up to 3.5.3 Authorization Token improper authorization

Post correlati

CVE-2024-51180 | PHPGurukul IFSC Code Finder Project 1.0 /ifscfinder/index.php searchifsccode cross site scripting

CVE-2024-4180 | Events Calendar Plugin up to 6.4.0.0 on WordPress cross site scripting

CVE-2025-25064 | Zimbra Collaboration Suite up to 10.0.11/10.1.3 ZimbraSyncService SOAP Endpoint sql injection

CVE-2025-0364 | BigAntSoft BigAnt Server up to 5.6.06 authentication bypass