CVE-2023-33524 Information

Description

Advent/SSC Inc. Tamale RMS < 23.1 is vulnerable to Directory Traversal. If one traverses to the affected URL one enumerates Contact information on the host which contains usernames e-mail addresses and other internal information stored within the web app.

Reference

https://gist.github.com/barrett092/9ed092e4b14b9145f4d046556eb9dab7 https://cve.report/CVE-2023-33524