CVE-2023-3241
LowCVSS 3.5Exploitation Probability (EPSS)
Elevated risk57th percentile — higher than 57% of all known CVEs
Summary
A vulnerability was found in OTCMS up to version 6.62 that allows path traversal through manipulation of the url argument in the file /admin/read.php?mudi=announContent.
Risk Assessment
Exploitation of this vulnerability may lead to unauthorized access to system files, posing a serious threat to the organization's data security.
Recommendation
It is recommended to update OTCMS to the latest version to mitigate this vulnerability and to monitor logs for potential attack attempts.
Original NVD description (English source)
A vulnerability was found in OTCMS up to 6.62 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/read.php?mudi=announContent. The manipulation of the argument url leads to path traversal. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231512.

