CVE-2024-55970

Name of the Vulnerable Software and Affected Versions Syncfusion Essential Studio for ASP.NET MVC versions prior to 27.1.55

Description The issue is related to a traversal problem in the File Manager component, which is connected to the request parameter. This could potentially allow unauthorized access to files or directories.

Recommendations For versions prior to 27.1.55, update to version 27.1.55 or later to resolve the issue. As a temporary workaround, consider restricting access to the File Manager component until a patch is applied. Avoid using the vulnerable request parameter in the affected File Manager endpoint until the issue is resolved.