CVE-2023-23327 Information

Description

An Information Disclosure vulnerability exists in AvantFAX 3.3.7. Backups of the AvantFAX sent/received faxes and database backups are stored using the current date as the filename and hosted on the web server without access controls.

Reference

https://github.com/superkojiman/vulnerabilities/blob/master/AvantFAX-3.3.7/README.md http://avantfax.com