Количество 2
Количество 2
CVE-2016-0709
Directory traversal vulnerability in the Import/Export function in the Portal Site Manager in Apache Jetspeed before 2.3.1 allows remote authenticated administrators to write to arbitrary files, and consequently execute arbitrary code, via a .. (dot dot) in a ZIP archive entry, as demonstrated by "../../webapps/x.jsp."
GHSA-w47p-5q88-hj5g
Path Traversal in Apache Jetspeed
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2016-0709 Directory traversal vulnerability in the Import/Export function in the Portal Site Manager in Apache Jetspeed before 2.3.1 allows remote authenticated administrators to write to arbitrary files, and consequently execute arbitrary code, via a .. (dot dot) in a ZIP archive entry, as demonstrated by "../../webapps/x.jsp." | CVSS3: 7.2 | 67% Средний | почти 10 лет назад |
| GHSA-w47p-5q88-hj5g Path Traversal in Apache Jetspeed | CVSS3: 7.2 | 67% Средний | больше 3 лет назад |
Уязвимостей на страницу