|CVSS SCORE||4.3, (AV:N/AC:M/Au:N/C:P/I:N/A:N)|
The specific flaw exists within task_controller.php. The url parameter does not properly sanitize the path supplied. An attacker can leverage this vulnerability to disclose arbitrary files from the system.
Trend Micro has issued an update to correct this vulnerability. More details can be found at: