In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.
View the template here CVE-2023-47246.yaml
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-47246