CVE-2020-29448

CVE-2020-29448

The ConfluenceResourceDownloadRewriteRule class in Confluence Server and Confluence Data Center before version 6.13.18, from 6.14.0 before 7.4.6, and from 7.5.0 before 7.8.3 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check.

Source: CVE-2020-29448

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다