Описание
The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.
Ссылки
Уязвимые конфигурации
Одно из
EPSS
3.3 Low
CVSS2
Дефекты
Связанные уязвимости
The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.
The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary files via an unspecified symlink attack.
The default configuration of javax.servlet.context.tempdir in Apache C ...
Incorrect Default Permissions in Apache Commons FileUpload
EPSS
3.3 Low
CVSS2