CVE-2017-8383
Craft CMS prior to 2.6.2976 contains an information-disclosure vulnerability where access to files under the craft/app/ directory is not properly restricted. The issue allows potential exposure of sensitive information. Root cause is insufficient access controls within the affected file path. Aff...