CVE-2025-57682

Publication date

2025-09-22 00:00:00

Family

mitre

State

PUBLISHED

Description

Directory Traversal vulnerability in Papermark 0.20.0 and prior allows authenticated attackers to retrieve arbitrary files from an S3 bucket through its CloudFront distribution via the "POST /api/file/s3/get-presigned-get-url-proxy" API