CVE-2017-15683

Name of the Vulnerable Software and Affected Versions: Crafter Studio versions prior to 3.0.1

Description: An unauthenticated attacker can create a site with specially crafted XML, allowing the retrieval of OS files out-of-band. This issue affects Crafter Studio, enabling attackers to access sensitive files without proper authentication.

Recommendations: For versions prior to 3.0.1, update to version 3.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the XML site creation feature until a patch is applied.