CVE-2024-40407

Name of the Vulnerable Software and Affected Versions Cybele Software Thinfinity Workspace versions prior to 7.0.2.113

Description A full path disclosure issue allows attackers to obtain the root path of the application via unspecified vectors. This could potentially be exploited to gain sensitive information about the application's structure.

Recommendations For versions prior to 7.0.2.113, update to version 7.0.2.113 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive application paths to minimize the risk of exploitation.