Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to read arbitrary files via an absolute path traversal attack on sitecore/shell/download.aspx with the file parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sitecore crm 8.1 |