Writeup Mobile App
Monthly
Authorization bypass in Kurt Software Studio WriteUp Mobile App versions 1.3.0 through 04062026 allows authenticated users to access functionality outside their permitted scope, leading to high confidentiality, integrity, and availability impact. The flaw, reported by Turkey's national CERT (TR-CERT), stems from missing ACL enforcement on application functions reachable over the network with low privileges. No public exploit identified at time of analysis, and the CVE is not listed in CISA KEV.
Authorization bypass in Kurt Software Studio WriteUp Mobile App versions 1.3.0 through 04062026 allows authenticated users to access functionality outside their permitted scope, leading to high confidentiality, integrity, and availability impact. The flaw, reported by Turkey's national CERT (TR-CERT), stems from missing ACL enforcement on application functions reachable over the network with low privileges. No public exploit identified at time of analysis, and the CVE is not listed in CISA KEV.