Cherokee is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks. Cherokee 0.5.4 and prior versions are vulnerable.
- IBM WebSphere Application Server (WAS) XSS and CSRF Vulnerabilities
- GoAhead WebServer 'name' and 'address' Cross-Site Scripting Vulnerabilities
- HttpBlitz Server HTTP Request Remote Denial of Service Vulnerability
- Apache Tomcat Hash Collision Denial Of Service Vulnerability
- Cherokee Directory Traversal Vulnerability