2025-05-05 00:00:00
mitre
PUBLISHED
Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to access the JSON file containing sensitive account information, including the encrypted password.