Arbitrary File Read Vulnerability in Metersphere v1.15.4

Arbitrary File Read Vulnerability in Metersphere v1.15.4

CVE-2021-45789 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

An arbitrary file read vulnerability was found in Metersphere v1.15.4, where authenticated users can read any file on the server via the file download function.

Learn more about our Cis Benchmark Audit For Server Software.