François Mehault

**Name of the Vulnerable Software and Affected Versions** Maarch RM version 2.8.3 **Description** The issue is related to an improper restriction of excessive authentication attempts due to excessive verbose responses from the application. This could allow an unauthenticated remote attacker to potentially exploit the issue, leading to compromised accounts. **Recommendations** For Maarch RM version 2.8.3, consider implementing rate limiting or IP blocking to restrict excessive authentication attempts as a temporary workaround until a patch is available. Restrict access to the authentication module to minimize the risk of exploitation. Avoid using verbose responses in the application to reduce the attack surface.

**Name of the Vulnerable Software and Affected Versions** Maarch RM version 2.8 **Description** The issue is related to an authenticated SQL Injection vulnerability in the statistics page, specifically at the "/statistics/retrieve" API endpoint, via the `filter` parameter. This vulnerability allows for the complete disclosure of all databases. **Recommendations** For Maarch RM version 2.8, as a temporary workaround, consider restricting access to the "/statistics/retrieve" API endpoint until a patch is available. Avoid using the `filter` parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Maarch RM version 2.8.3 **Description** The issue concerns a broken access control vulnerability. When accessing specific documents, such as PDFs or emails, from an archive, the application proposes a preview. This preview generates a URL that includes an MD5 hash of the accessed file. The document's URL, in the format https://{url}/tmp/{MD5 hash of the document}, becomes accessible without requiring authentication. **Recommendations** For Maarch RM version 2.8.3, consider restricting access to the preview feature until a patch is available, or implement an additional authentication mechanism for the generated URLs to prevent unauthorized access.