Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote malicious users to include and execute arbitrary local .jsp files, and obtain sensitive information, via a .. (dot dot) in the editor parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jspwiki jspwiki 2.5.139_beta |
||
jspwiki jspwiki 2.4.104 |
||
jspwiki jspwiki 2.5.139 |