CVE-2024-37728

Publication date

2024-09-10 00:00:00

Family

mitre

State

PUBLISHED

Description

Arbitrary File Read vulnerability in Xian Daxi Information Technology Co., Ltd OfficeWeb365 v.7.18.23.0 and v8.6.1.0 allows a remote attacker to obtain sensitive information via the "Pic/Indexes" interface