216.73.216.236

CVE-2026-4947

· Published 01/04/2026 02:16 · Modified 01/04/2026 14:23

Labels: CVE-2026-4947 14984358-7092-470d-8f34-ade47a7658a22026-04-01CVE-2026-4947CWE-284

Essential information

Published
01/04/2026 02:16
Modified
01/04/2026 14:23
Author
Creator
CVSS
7.1 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

CVSS metrics

Description

Addressed a potential insecure direct object reference (IDOR) vulnerability in the signing invitation acceptance process. Under certain conditions, this issue could have allowed an attacker to access or modify unauthorized resources by manipulating user-supplied object identifiers, potentially leading to forged signatures and compromising the integrity and authenticity of documents undergoing the signing process. The issue was caused by insufficient authorization validation on referenced resources during request processing.

NVD status

Status
Undergoing Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
14984358-7092-470d-8f34-ade47a7658a2
NVD
View on NVD

Affected products (CPE)

ProductCPE
* / * cpe:2.3:a:*:*:*:*:*:*:*:*:*:*

References