EPSS
Percentile
92.5%
ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via the fileName parameter in download.jsp because the InstallationPack parameter is mishandled in a /CDGServer3/ClientAjax request.
www.iwantacve.cn/index.php/archives/132/