Can download files on Android app without permission

Bug reported by hakuna was disclosed at January 16, 2026, 8:53 pm   |   Improper Access Control - Generic

A vulnerability was discovered in the Android app where users could download files shared with them, even if the owner had disabled the download option. The vulnerability affected various file types, including PDF, document, image, and presentation files. The vulnerability allowed users to access and download the shared files without the owner's permission.