Description
The UberFire Framework 0.3.x does not properly restrict paths, which allows remote attackers to (1) execute arbitrary code by uploading crafted content to FileUploadServlet or (2) read arbitrary files via vectors involving FileDownloadServlet.
Remediation
References
http://rhn.redhat.com/errata/RHSA-2015-0234.html
http://rhn.redhat.com/errata/RHSA-2015-0235.html
http://www.securityfocus.com/bid/88199
https://github.com/uberfire/uberfire/commit/21ec50eb15
Related Vulnerabilities
CVE-2023-35153 Vulnerability in maven package org.xwiki.platform:xwiki-platform-appwithinminutes-ui
CVE-2020-6462 Vulnerability in npm package electron
CVE-2014-0227 Vulnerability in maven package org.apache.tomcat:tomcat-coyote
CVE-2020-2142 Vulnerability in maven package org.jenkins-ci.plugins:p4
CVE-2014-8115 Vulnerability in maven package org.kie:kie-drools-wb-distribution-wars