Vulnerability found in Dropbox Merou – CVE-2022-4768
December 28, 2022
Release Date – Dec 27, 2022
CVE Details – CVE-2022-4768
Alert Severity – Medium
Affected Products – Dropbox Merou application
Description –
Merou is Dropbox’s open source authorization service or an application that allows users to manage membership of their groups.
This vulnerability was found in Dropbox merou application only and has been classified as critical. It is possible to launch the attack remotely and may impact confidentiality, integrity, and availability.
Mitigation/Solution –
Patch from Dropbox is available under the name – d93087973afa26bc0a2d0a5eb5c0fde748bdd107.
It is recommended to apply a patch to fix this issue.
Merou is Dropbox home grown application
Microsoft Defender SmartScreen Security Feature Bypass Vulnerability – CVE-2022-44698
