X

DropBox disabled shared links due to vulnerability

If you are a DropBox customer, you may have noticed your shared link does not work any more. It has nothing to do with you, and it is because DropBox disabled all shared links due to a recently discovered vulnerability that may give other people access to files via shared link without consent. What does it mean? DropBox users can share files or folders in their DropBox, but only those people who know the shared link are able to access the files or folders shared to them. However, due to a vulnerability in header referrer, it is possible for other people to discover the original shared link, and thus to have access to the files or folders that are not shared to them.

DropBox disabled all shared links and also patched the vulnerability, so if you notice your shared link is not working now, you can recreate the shared link, and the new link does not suffer from the header referrer vulnerability.

For more information about the vulnerability, you can check DropBox’s blog post.

Jeffrey:
Related Post