CVE-2024-6097

Name of the Vulnerable Software and Affected Versions Progress® Telerik® Reporting versions prior to 2025 Q1 (19.0.25.211)

Description Information disclosure is possible by a local threat actor through an absolute path vulnerability. This issue allows a local threat actor to potentially disclose sensitive information.

Recommendations For versions prior to 2025 Q1 (19.0.25.211), update to a version released after 2025 Q1 (19.0.25.211) to resolve the issue. As a temporary workaround, consider restricting access to sensitive information and implementing additional security measures to minimize the risk of exploitation.