Full title: Kaseya VSA R9.2 Arbitrary File Read Vulnerability 
Category: web applications
Platform: asp
A security vulnerability was found in Kaseya VSA file download file functionality. Using this vulnerability an authenticated user in a Kaseya VSA environment is able to download arbitrary files from the server (including source code of Kaseya, the database backups, configuration files, and even windows files). Version R9.2 was found affected.

# 0day.today @ http://0day.today/