CVE-2025-64753
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-13

Last updated on: 2025-11-20

Assigner: GitHub, Inc.

Description
grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with only partial read access to a document could still access endpoints listing hashes for versions of that document and receive a full list of changes between versions, even if those changes contained cells, columns, or tables to which the user was not supposed to have read access. This was fixed in version 1.7.7 by restricting the `/compare` endpoint to users with full read access. As a workaround, remove sensitive document history using the `/states/remove` endpoint. Another possibility is to block the `/compare` endpoint.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-13
Last Modified
2025-11-20
Generated
2026-06-16
AI Q&A
2025-11-13
EPSS Evaluated
2026-06-14
NVD
CVE-2025-64753
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
getgrist grist-core to 1.7.7 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in grist-core versions prior to 1.7.7 allows a user with only partial read access to a document to access the /compare endpoint, which lists hashes for document versions and provides a full list of changes between versions. This means the user could see changes involving cells, columns, or tables they should not have permission to read. The issue was fixed in version 1.7.7 by restricting the /compare endpoint to users with full read access only.

Impact Analysis

The vulnerability can lead to unauthorized disclosure of sensitive information within a document. Users with limited access could view changes and data they are not permitted to see, potentially exposing confidential or restricted information. This could compromise data confidentiality and privacy within the affected system.

Compliance Impact

This vulnerability could negatively impact compliance with data protection standards such as GDPR and HIPAA because it allows unauthorized access to sensitive information. Exposing data to users without proper authorization may violate requirements for data confidentiality and access controls mandated by these regulations.

Detection Guidance

You can detect this vulnerability by checking if your grist-core server version is prior to 1.7.7 and if the `/compare` endpoint is accessible to users with partial read access. There are no specific commands provided, but you can test access by attempting to access the `/compare` endpoint with a user having only partial read access to a document and observing if it returns version hashes and change lists that should be restricted.

Mitigation Strategies

Immediate mitigation steps include upgrading grist-core to version 1.7.7 or later, which restricts the `/compare` endpoint to users with full read access. As a workaround, you can remove sensitive document history using the `/states/remove` endpoint or block access to the `/compare` endpoint entirely.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-64753. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart