VYPR
Unrated severityNVD Advisory· Published Jan 29, 2024· Updated Nov 12, 2024

Unauthenticated Arbitrary File Read

CVE-2023-4550

Description

Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files.

An unauthenticated or authenticated user can abuse a page of AppBuilder to read arbitrary files on the server on which it is hosted.

This issue affects AppBuilder: from 21.2 before 23.2.

Affected products

2
  • Opentext/AppBuilderllm-fuzzy2 versions
    >=21.2, <23.2+ 1 more
    • (no CPE)range: >=21.2, <23.2
    • (no CPE)range: 21.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.