Early Access — Mondoo Vulnerability Intelligence is currently in preview.
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
Exploitability
AV:NAC:LAT:NPR:LUI:NVulnerable System
VC:HVI:NVA:NSubsequent System
SC:NSI:NSA:N7.1/CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:NInput Validation