MEDIUM
Asseco
CVE published 2026-03-12
CVE-2025-66955
CVE-2025-66955 is a medium-severity local file inclusion issue affecting the Contact Plan, E-Mail, SMS, and Fax components in Asseco SEE Live 2.0. The issue is described as exposure through the path parameter in the downloadAttachment and downloadAttachmentFromPath API calls, allowing remote authenticated users to access files on the host. The CVE was published on 2026-03-12 and last modified on 2026-05-1 [truncated]