Описание
A specially crafted url could be used to access files under the ROOT directory of the application on Apache JSPWiki 2.9.0 to 2.11.0.M2, which could be used by an attacker to obtain registered users' details.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| jspwiki | removed | package |
Связанные уязвимости
CVSS3: 7.5
ubuntu
почти 7 лет назад
A specially crafted url could be used to access files under the ROOT directory of the application on Apache JSPWiki 2.9.0 to 2.11.0.M2, which could be used by an attacker to obtain registered users' details.
CVSS3: 7.5
nvd
почти 7 лет назад
A specially crafted url could be used to access files under the ROOT directory of the application on Apache JSPWiki 2.9.0 to 2.11.0.M2, which could be used by an attacker to obtain registered users' details.
CVSS3: 7.5
github
почти 7 лет назад
Improper Limitation of a Pathname ('Path Traversal') in org.apache.jspwiki:jspwiki-war