PT-2024-13246 · Opentext · Opentext Appbuilder

George Mathias · Published 2024-01-29 · Updated 2024-02-05 · CVE-2023-4550

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: OpenText AppBuilder versions 21.2 through 23.2

Description: The issue allows an unauthenticated or authenticated user to abuse a page of AppBuilder to read arbitrary files on the server. This is due to improper input validation, making files or directories accessible to external parties.

Recommendations: For versions 21.2 through 23.2, update to version 23.2 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories on the server until a patch is applied.

Fix

RCE

Files Accessible to External Parties

Weakness Enumeration

Related Identifiers: CVE-2023-4550

Affected Products: Opentext Appbuilder