Описание
Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- PatchThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:aptana:jaxer:1.0.3.4547:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.55645
Средний
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI.
EPSS
Процентиль: 98%
0.55645
Средний
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-22