PT-2023-23778 · Otcms · Otcms

P0Ison · Published 2023-06-14 · Updated 2024-05-17 · CVE-2023-3241

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions

OTCMS versions up to 6.62

Description

A vulnerability was found in OTCMS, affecting some unknown functionality of the file "/admin/read.php?mudi=announContent". The manipulation of the url argument leads to path traversal. The exploit has been disclosed to the public and may be used.

Recommendations

For OTCMS versions up to 6.62, consider restricting access to the "/admin/read.php" endpoint until a patch is available. As a temporary workaround, avoid using the url argument in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
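While the endpoint is being restricted, existing web-server logs can be checked for requests that match the description above. The following is an added example, not part of the advisory or of OTCMS: it assumes combined-format access logs, the function names are illustrative, and the sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded separators are normalised."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(value):
    """True if any path segment of the decoded value is exactly '..'."""
    return '..' in re.split(r'[\\/]+', fully_decode(value))

def flag_line(line):
    """Return the decoded url value if the line hits the advisory endpoint with a
    parent-directory segment in the url argument, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    target = urlsplit(m.group(1))
    if not target.path.lower().endswith('/admin/read.php'):
        return None
    query = parse_qs(target.query, keep_blank_values=True)  # decodes once
    if 'announContent' not in query.get('mudi', []):
        return None
    for value in query.get('url', []):
        if is_traversal(value):
            return fully_decode(value)
    return None

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [14/Jun/2023:10:00:01 +0000] "GET /admin/read.php?mudi=announContent&url=notice.html HTTP/1.1" 200 512',
    '198.51.100.7 - - [14/Jun/2023:10:00:05 +0000] "GET /admin/read.php?mudi=announContent&url=..%2F..%2Fexample.txt HTTP/1.1" 200 2048',
    '198.51.100.7 - - [14/Jun/2023:10:00:09 +0000] "GET /admin/read.php?mudi=announContent&url=%252e%252e%255cexample.txt HTTP/1.1" 200 2048',
    '203.0.113.4 - - [14/Jun/2023:10:00:12 +0000] "GET /index.php?url=../x HTTP/1.1" 200 100',
]

def scan(lines):
    """Return (line index, decoded url value) for every flagged line."""
    return [(i, hit) for i, line in enumerate(lines) if (hit := flag_line(line))]
```

A hit with a 200 status and an unusually large response size is worth reviewing first, since the CVSS vector rates the impact as confidentiality only.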

Exploit

Path traversal

Weakness Enumeration

Related Identifiers: CVE-2023-3241

Affected Products: Otcms