Description
- Ext JS is a pure JavaScript application framework for building interactive web applications using techniques such as Ajax, DHTML and DOM scripting. Baidu Security Team found a vulnerability in the examples provided with Ext JS that allows an attacker to initiate arbitrary HTTP requests and (in some conditions) read arbitrary files from the server.
Remediation
- Restrict access to the examples directory provided with Ext JS.
References
Severity
Classification
Tags
Related Vulnerabilities
- WordPress Plugin Aspose PDF Exporter Arbitrary File Download (1.0)
- WordPress Plugin Slider Revolution Responsive Local File Inclusion (4.1.4)
- WordPress Plugin Photo Gallery by WD-Responsive Photo Gallery for WordPress Directory Traversal (1.3.33)
- WordPress Plugin Import CSV Directory Traversal (1.0)
- WordPress Plugin wp-FileManager Arbitrary File Disclosure (1.3.0)