Abyss Web Server Character Append Arbitrary File Disclosure
Remote / Network Access
Loss of Confidentiality
Abyss Web Server contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a '+' is appended to .chl files, which will disclose file contents resulting in a loss of confidentiality.
Currently, there are no known workarounds or upgrades to correct this issue. However, Aprelium has released a patch to address this vulnerability.