Description
In Eclipse Kura versions up to 4.0.0, the SkinServlet did not check the path passed during the servlet call, potentially allowing path traversal in GET requests for a limited number of file types.
Remediation
References
https://bugs.eclipse.org/bugs/show_bug.cgi?id=545835
http://www.securityfocus.com/bid/107844
Related Vulnerabilities
CVE-2020-25802 Vulnerability in maven package org.craftercms:crafter-studio
CVE-2021-41183 Vulnerability in npm package jquery-ui
CVE-2021-35065 Vulnerability in maven package org.webjars.npm:glob-parent
CVE-2022-45384 Vulnerability in maven package org.jenkins-ci.plugins:reverse-proxy-auth-plugin
CVE-2023-28709 Vulnerability in maven package org.apache.tomcat:tomcat-util