VMware has posted news of a moderate bug in vRealize Log Insight.
The vulnerability “may allow for a directory traversal attack [and] lead to a partial information disclosure.”
The fix is in: just upgrade to the new version 3.6 of the product, which you can find here. ®