Security Advisory

CVE-2024-2045

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-02-29 23:37:37

Last updated 2025-05-19 16:56:56

Assigner Fluid Attacks

State PUBLISHED

Description

Session version 1.17.5 allows obtaining internal application files and public files from the users device without the users consent. This is possible because the application is vulnerable to Local File Read via chat attachments.

← Browse all CVEs View on cve.org ↗