PROGRAM contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the /__web/Systems/UnregisteredDomainWidget facility not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../). This directory traversal attack would allow the attacker to read arbitrary files outside of the web server's root.
Remote / Network Access
Loss of Confidentiality
Upgrade to version 11846 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.