Описание
Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20".
Ссылки
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:unify:ewave_servletexec:3.0:*:*:*:*:*:*:*
cpe:2.3:a:unify:ewave_servletexec:3.0c:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.03815
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20".
EPSS
Процентиль: 88%
0.03815
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other