Vulnerability Details CVE-2023-37288
SmartBPM.NET component has a vulnerability of path traversal within its file download function. An unauthenticated remote attacker can exploit this vulnerability to access arbitrary system files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.6%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2023-37288
-
cpe:2.3:a:smartsoft:smartbpm.net:6.70