CVE-2020-23490

Name of the Vulnerable Software and Affected Versions AVideo versions prior to 8.9

Description A local file disclosure issue exists via the proxy streaming, allowing an unauthenticated attacker to read arbitrary files on the server. This could lead to the leakage of sensitive information, such as database credentials or files like /etc/passwd.

Recommendations For versions prior to 8.9, update to version 8.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the proxy streaming feature until a patch is applied.