Transmission of Private Resources into a New Sphere (Resource Leak) vulnerability in CrafterCMS Engine on Linux, MacOS, x86, Windows, 64 bit, ARM allows Directory Indexing, Resource Leak Exposure.This issue affects CrafterCMS: from 4.0.0 before 4.0.8, from 4.1.0 before 4.1.6.
The product makes resources available to untrusted parties when those resources are only intended to be accessed by the product.