TVN ID | TVN-202312003 |
---|---|
CVE ID | CVE-2023-48373 |
CVSS | 7.5 (High) CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Affected Products | OMICARD EDM’s file uploading function |
Description | ITPison OMICARD EDM has a path traversal vulnerability within its parameter “FileName” in a specific function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files. |
Solution | Update version to v5.9 |
Credit | Vtim(DEVCORE) |
Public Date | 2023-12-15 |