Description
Directory traversal vulnerability in JBoss Undertow 1.0.x before 1.0.17, 1.1.x before 1.1.0.CR5, and 1.2.x before 1.2.0.Beta3, when running on Windows, allows remote attackers to read arbitrary files via a .. (dot dot) in a resource URI.
Remediation
References
Related Vulnerabilities
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-31548)
WordPress Plugin AnnounceME Cross-Site Scripting (0.3.3)
OpenSSL Resource Management Errors Vulnerability (CVE-2016-6308)
Restlet Framework Deserialization of Untrusted Data Vulnerability (CVE-2013-4271)
WordPress Plugin Product Slider for WooCommerce by PickPlugins Cross-Site Scripting (1.13.41)