CVE-2023-25573
metersphere is an open source continuous testing platform. In affected versions, an improper access control vulnerability exists in `/api/jmeter/download/files`, which allows any user to download any file without authentication. This issue may expose all files available to the running process.
