CVE-2024-54453 Information

Description

An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35 7.10.x through 7.10.0.18 and 7.11.x through 7.11.0.15. A path traversal vulnerability in the DocServlet servlet allows remote attackers to retrieve any file from the Kurmi web application installation folder e.g. files such as the obfuscated and/or compiled Kurmi source code.

Reference

https://kurmi-software.com https://kurmi-software.com/cve/cve-2024-54453/