Andrei Dabrakou

**Name of the Vulnerable Software and Affected Versions** The product name cannot be determined. **Description** A user can upload a file to a conversation even if the file upload functionality is disabled. The system allows file uploads through direct API requests, despite the functionality being disabled for at least one use case. However, file interception and allowed file type rules are still applied correctly. This issue is not a concern if file sharing is generally enabled. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Unblu Spark versions 8.0.0 through 8.12.1 Unblu Spark version 8.13.1 **Description** An authorization bypass in Unblu Spark allows a participant of a conversation to replace an existing, uploaded file. Every uploaded file in Unblu gets assigned with a randomly generated Universally Unique ID (UUID). If a participant of this or another conversation gets access to such a file ID, it can be used to replace the file without changing the file name and details or the name of the user who uploaded the file. During the upload, file interception and allowed file type rules are still applied correctly. **Recommendations** For Unblu Spark versions 8.0.0 through 8.12.1, consider disabling file upload functionality until a patch is available. For Unblu Spark version 8.13.1, consider restricting access to file upload functionality until a patch is available. As a temporary workaround, consider implementing additional authorization checks for file uploads to prevent unauthorized file replacement.