Improper Validation of Syntactic Correctness of Input in HedgeDoc - #VU127922
Published: February 14, 2025 / Updated: April 25, 2026
Vulnerability identifier: #VU127922
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: N/A
CWE-ID: CWE-1286
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: HedgeDoc
Affected software:
HedgeDoc
HedgeDoc
Detailed vulnerability description
The vulnerability allows a remote user to gain ownership access to other users' notes.
The vulnerability exists due to improper validation of syntactic correctness of input in the SAML authentication user mapping logic when processing SAML logins with a NameID format that relies on a missing or improperly mapped attribute. A remote user can authenticate via SAML under this misconfiguration to gain ownership access to other users' notes.
Exploitation requires SAML authentication to be in use and a configuration where the IdP does not return the attribute required by the configured NameID format or the corresponding property mapping is not properly configured.
Remediation
Install security update from vendor's website.