CVE-2018-19620

Name of the Vulnerable Software and Affected Versions ShowDoc version 2.4.1

Description The issue allows remote attackers to edit other users' notes by navigating with a modified page id. This can be achieved by manipulating the page id to access and modify notes belonging to other users.

Recommendations For ShowDoc version 2.4.1, as a temporary workaround, consider restricting access to the note editing functionality until a patch is available. Additionally, avoid using the modified page id parameter to prevent unauthorized access to other users' notes. At the moment, there is no information about a newer version that contains a fix for this vulnerability.