2024-08-07 03:54:46
hackerone
PUBLISHED
Ivanti Docs@Work for Android, before 2.26.0 is affected by the Dirty Stream vulnerability. The application fails to properly sanitize file names, resulting in a path traversal-affiliated vulnerability. This potentially enables other malicious apps on the device to read sensitive information stored in the app root.