
Johannes Eger

Researcher from SySS GmbH
#17614 of 53,633
15.3 Total CVSS
Vulnerabilities · 2 (Medium: 1, High: 1)
PT-2021-21187
8.8
2021-08-31
Unknown · Mik.Starlight · CVE-2021-36232
**Name of the Vulnerable Software and Affected Versions** MIK.starlight version 7.9.5.24363

**Description** The issue is related to improper authorization in multiple functions, allowing an authenticated attacker to escalate privileges.

**Recommendations** For MIK.starlight version 7.9.5.24363, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

PT-2021-21188
6.5
2021-08-31
Unknown · Mik.Starlight · CVE-2021-36233
**Name of the Vulnerable Software and Affected Versions** MIK.starlight version 7.9.5.24363

**Description** The issue allows an authenticated attacker to read arbitrary files from the filesystem by specifying the file path, due to the functionality of the `AdminGetFirstFileContentByFilePath` function.

**Recommendations** For MIK.starlight version 7.9.5.24363, consider restricting access to the `AdminGetFirstFileContentByFilePath` function to minimize the risk of exploitation.