Masacms · Masacms · CVE-2021-42183
**Name of the Vulnerable Software and Affected Versions**
MasaCMS version 7.2.1
**Description**
MasaCMS 7.2.1 has a path traversal vulnerability in the `/index.cfm/_api/asset/image/` API endpoint, which allows unauthorized access to files on the system.
**Recommendations**
For MasaCMS version 7.2.1, as a temporary workaround, consider restricting access to the `/index.cfm/_api/asset/image/` API endpoint until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
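While access to the endpoint is being restricted, existing web server logs can be reviewed for traversal-style requests to it. The following is an added example, not code from the advisory or from MasaCMS; it assumes combined-format access logs, and the sample log lines and the query parameter name `x` are constructed placeholders.

```python
import re
from urllib.parse import unquote

ENDPOINT = "/index.cfm/_api/asset/image/"  # endpoint named in the advisory
# Request field of a combined-format access log line: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# A ".." path segment bounded by a slash, backslash or parameter punctuation.
TRAVERSAL_RE = re.compile(r'(?:^|[\\/=&?])\.\.(?:[\\/]|$)')

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%252e) is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_suspicious(target):
    """True if the request targets the endpoint and carries a '..' segment."""
    decoded = fully_decode(target)
    return ENDPOINT in decoded.lower() and bool(TRAVERSAL_RE.search(decoded))

def flag_requests(log_lines):
    """Return (client_ip, raw_target) for every suspicious request."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if m and is_suspicious(m.group("target")):
            hits.append((line.split()[0], m.group("target")))
    return hits

# Constructed sample lines; parameter name "x" and all paths after the endpoint are hypothetical.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Oct/2021:10:01:02 +0000] "GET /index.cfm/_api/asset/image/?x=logo.png HTTP/1.1" 200 5120',
    '198.51.100.23 - - [12/Oct/2021:10:02:10 +0000] "GET /index.cfm/_api/asset/image/?x=../../example.txt HTTP/1.1" 200 312',
    '198.51.100.23 - - [12/Oct/2021:10:02:11 +0000] "GET /index.cfm/_api/asset/image/?x=%252e%252e%252fexample.txt HTTP/1.1" 200 312',
    '203.0.113.7 - - [12/Oct/2021:10:03:00 +0000] "GET /index.cfm/other/?x=../example.txt HTTP/1.1" 404 0',
    '203.0.113.7 - - [12/Oct/2021:10:04:00 +0000] "GET /index.cfm/_api/asset/image/?x=photo..v2.png HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for ip, target in flag_requests(SAMPLE_LOG):
        print(f"{ip} requested {target}")
```

A 200 response on a flagged line is worth following up, since it suggests the request was served rather than rejected.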