CVE-2021-42052
CVE-2021-42052 affects IPESA e-Flow 3.3.6. The vulnerability is a path traversal that allows reading any file within the web root via the lib/js/build/STEResource.res path and the R query parameter. It is documented with a high CVSS score (7.5, HIGH) and network attack vector with no privileges r...