CVE-2025-57682
Published
CVSS v3
6.5
MEDIUM
CVSS v2
N/A
Affected
2
PROJECTS
Description
Directory Traversal vulnerability in Papermark 0.20.0 and prior allows authenticated attackers to retrieve arbitrary files from an S3 bucket through its CloudFront distribution via the "POST /api/file/s3/get-presigned-get-url-proxy" API
Papermark is the open-source DocSend alternative with built-in analytics and custom domains.
GitHub