Information Disclosure
Ezsystems/ezpublish-kernel is vulnerable to Information Disclosure. The vulnerability exists because it does not properly validate downloads in the management mechanisms in DownloadController.php, allowing an attacker to gain access sensitive data...