Headline

GHSA-rmcx-fg5w-x8j9: FusionAuth vulnerable to directory traversal attack

FusionAuth before 1.41.3 allows a file outside of the application root to be viewed or retrieved using an HTTP request. To be specific, an attacker may be able to view or retrieve any file readable by the user running the FusionAuth process.

2 years ago

ghsa

Open in Source

#git #auth

FusionAuth vulnerable to directory traversal attack

High severity GitHub Reviewed Published Nov 28, 2022 • Updated Nov 30, 2022

2 years ago

CVE

Open in Source

#git #auth

ghsa: Latest News

GHSA-mj5r-x73q-fjw6: SPEmailHandler-PHP has Potential Abuse for Sending Arbitrary Emails

18 hours ago

ghsa

GHSA-jwcm-9g39-pmcw: Recursive repository cloning can leak authentication tokens to non-GitHub submodule hosts

19 hours ago

ghsa

GHSA-55v3-xh23-96gh: `auth.TokenForHost` violates GitHub host security boundary when sourcing authentication token within a codespace

19 hours ago

ghsa

GHSA-j6vm-4r7g-x4gr: Devolutions.XTS.NET Vulnerable to Timing Attack on GF Multiplications

21 hours ago

ghsa

GHSA-6q3q-6v5j-h6vg: Querydsl vulnerable to HQL injection trough orderBy

21 hours ago

ghsa

Headline

GHSA-rmcx-fg5w-x8j9: FusionAuth vulnerable to directory traversal attack

Related news

ghsa: Latest News