Description
An arbitrary file read vulnerability in ureport v2.2.9 allows a remote attacker to arbitrarily read files on the server by inserting a crafted path.
Remediation
References
https://github.com/h00klod0er/ureport2-vuln/
Related Vulnerabilities
CVE-2020-7677 Vulnerability in npm package thenify
CVE-2007-4556 Vulnerability in maven package opensymphony:xwork
CVE-2016-7103 Vulnerability in maven package org.webjars:jquery-ui
CVE-2010-2076 Vulnerability in maven package org.apache.axis2:axis2-kernel
CVE-2021-23346 Vulnerability in npm package html-parse-stringify2