CVE-2025-53709

Severity CVSS v4.0: Pending analysis
Type: CWE-285 Improper Authorization
Publication date: 10/07/2025
Last modified: 10/07/2025

Description

Secure-upload is a data submission service that validates single-use tokens when accepting submissions to channels. The service is only installed on a small number of environments.

Under specific circumstances, privileged users of secure-upload could have selected email templates not necessarily created for their enrollment when sending data upload requests.
Authenticated and privileged users of one enrollment could have abused an endpoint to redirect existing submission channels to a dataset they control.
An endpoint handling domain validation allowed unauthenticated users to enumerate existing enrollments.
Finally, other endpoints allowed enumerating whether a resource with a known RID exists across enrollments.

The affected service has been patched in version 0.815.0, which was automatically deployed to all Apollo-managed Foundry instances.
