CVE-2020-37077

Name of the Vulnerable Software and Affected Versions Booked Scheduler version 2.7.7

Description A directory traversal issue exists in the 'manage email templates.php' script. Authenticated administrators can exploit the tn parameter to read files outside the intended directory by using directory path traversal techniques, which is a method used to access files and directories that are stored outside the web root folder.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.