Security Advisory
CVE-2020-36887
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
SpinetiX Fusion Digital Signage 3.4.8 contains an unauthenticated information disclosure vulnerability in the database backup directory. Attackers can access the /content/files/backups/ endpoint to download sensitive backup files containing user credentials and system information.