2021-12-27 11:51:55
mitre
PUBLISHED
An arbitrary file read vulnerability was found in Metersphere v1.15.4, where authenticated users can read any file on the server via the file download function.