Download document with URL from unauthorized shell
Hello all,
I just recently had a chance to test the use of the DE uuu_doc_attribute_url myself. Not sure if this had been considered during the design and is thus expected, but the URL can actually be abused for downloading documents from shells that a user does not have access to. Here's what I did.
- Using an admin user, I removed access for a user in a shell
- Then I found a random document in the shell's Document Manager and copied its URL
- Opened a browser, then pasted and ran the copied URL
- When it prompted me to log in, I used the credentials for the user whose access had just been removed from the shell