Description
Due to a vulnerability in NodeBB, an unauthenticated attacker can access sensitive information from arbitrary JSON files on the server.
Remediation
Upgrade to the latest version of NodeBB
References
Related Vulnerabilities
WordPress Plugin Woocommerce CSV importer Arbitrary File Deletion (3.3.6)
Oracle JRE CVE-2013-2415 Vulnerability (CVE-2013-2415)
Oracle JRE CVE-2019-2962 Vulnerability (CVE-2019-2962)
WordPress Plugin Knews Multilingual Newsletters Cross-Site Request Forgery (1.2.5)
WordPress Plugin MAZ Loader-Preloader Builder for WordPress Cross-Site Request Forgery (1.4.0)