TheWoodenBench/CVE-2025-66955

Releases0

Local File Inclusion in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote authenticated users to access files on the host via "path" parameter in the downloadAttachment and downloadAttachmentFromPath API calls.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-66955 ↗	Mar 12, 2026Thursday, 12 March 2026, 19:16	6.5 MEDIUM	—
Local File Inclusion in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote authenticated users to access files on the host via "path" parameter in the downloadAttachment and downloadAttachmentFromPath API calls.