CVE-2018-14928
CVE-2018-14928 describes a vulnerability where /contingency/servlet/ServletFileDownload executes with root privileges and exposes unauthenticated access to files via the file parameter. This enables file disclosure without authentication. The NVD entry assigns a CVSSv3 base score of 7.5 (HIGH) wi...