yimioa before v2024.07.04 was discovered to contain an information disclosure vulnerability via the component /resources/application.yml.
The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information.