Execution with Unnecessary Privileges in kalcaddle/kodexplorer
Jun 20th 2021
Direct file URL leaked for eml file
A user can upload an eml file and share it. After sharing, a direct link to the file is leaked,
which allows the file to be downloaded even when sharing is disabled.
💥 STEPS TO REPRODUCE
1. First go to your kodexplorer admin account and visit the desktop.
Now upload an eml file.
2. Now generate a sharing link like
3. Now, as an external user, open this sharing link and view the page source; it will disclose the direct link.
Now, from the admin account, disable the sharing.
Finally, the user can download the file using the leaked URL above.
So the user can download the file even after sharing is disabled.
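
The following added example (not part of the original report and not KodExplorer code) models the flaw described in the steps above next to a hardened design in which every download re-checks the share state. The class, method names, URL shapes and sample file are assumptions constructed for illustration.

```python
import secrets

class ShareModel:
    """Constructed toy model of a share feature; not KodExplorer code."""

    def __init__(self):
        self.files = {}    # storage path -> file bytes
        self.shares = {}   # share id -> {"path": ..., "enabled": bool}

    def create_share(self, path, data):
        self.files[path] = data
        sid = secrets.token_urlsafe(8)
        self.shares[sid] = {"path": path, "enabled": True}
        return sid

    def disable_share(self, sid):
        self.shares[sid]["enabled"] = False

    # Flawed pattern: the share page embeds a direct link, and the
    # direct endpoint serves the file without consulting share state.
    def share_page_flawed(self, sid):
        share = self.shares.get(sid)
        if not share or not share["enabled"]:
            return None
        return "/direct?path=" + share["path"]

    def direct_download(self, path):
        return self.files.get(path)

    # Hardened pattern: the page exposes only the share id, and every
    # download re-checks that the share still exists and is enabled.
    def share_page_hardened(self, sid):
        share = self.shares.get(sid)
        if not share or not share["enabled"]:
            return None
        return "/share/download?sid=" + sid

    def share_download(self, sid):
        share = self.shares.get(sid)
        if not share or not share["enabled"]:
            return None
        return self.files.get(share["path"])

def run_scenario():
    """Share a constructed eml file, disable the share, then try both download paths."""
    m = ShareModel()
    sid = m.create_share("mail/report.eml", b"constructed sample")
    leaked_path = m.share_page_flawed(sid).split("path=", 1)[1]
    m.disable_share(sid)
    return m.direct_download(leaked_path), m.share_download(sid)
```

In the flawed path the file is still returned after the share is disabled, while the hardened path returns nothing because authorization is evaluated at download time rather than only when the share page is rendered.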