2025-08-06 00:00:00
mitre
PUBLISHED
A path traversal vulnerability in Vedo Suite 2024.17 allows remote authenticated attackers to read arbitrary filesystem files by exploiting an unsanitized file_get_contents() function call in /api_vedo/template.