CVE-2015-8794 in RoundCube정보

요약

\~에 의해 MITRE

Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full pathname in the _alt parameter, related to contact photo handling.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

출처

Do you know our Splunk app?

Download it now for free!