Directory Traversal Vulnerability in YetiForceCRM 6.4.0 and Earlier: Unauthorized Access to Sensitive Information

Directory Traversal Vulnerability in YetiForceCRM 6.4.0 and Earlier: Unauthorized Access to Sensitive Information

CVE-2023-49508 · Severity

Directory Traversal vulnerability in YetiForceCompany YetiForceCRM versions 6.4.0 and before allows a remote authenticated attacker to obtain sensitive information via the license parameter in the LibraryLicense.php component.

Learn more about our Crm Penetration Testing.