Icinga Web 2 is vulnerable to information disclosure. The vulnerability exists due to a lack of validation of access to the web-server allowing an attacker to leak the contents of the files of the local system.
packetstormsecurity.com/files/171774/Icinga-Web-2.10-Arbitrary-File-Disclosure.html
github.com/Icinga/icingaweb2/commit/9931ed799650f5b8d5e1dc58ea3415a4cdc5773d
github.com/Icinga/icingaweb2/security/advisories/GHSA-5p3f-rh28-8frw
security-tracker.debian.org/tracker/CVE-2022-24716
security.gentoo.org/glsa/202208-05