Canarytokens Vulnerability: Predictable Size and Metadata in Word Documents

CVE-2019-9768 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Thinkst Canarytokens through commit hash 4e89ee0 (2019-03-01) relies on limited variation in size, metadata, and timestamp, which makes it easier for attackers to estimate whether a Word document contains a token.

Learn more about our Web Application Penetration Testing UK.