Description
Directory traversal vulnerability in the _get_file_path function in (1) lib/sessions.py in CherryPy 3.0.x up to 3.0.2, (2) filter/sessionfilter.py in CherryPy 2.1, and (3) filter/sessionfilter.py in CherryPy 2.x allows remote attackers to create or delete arbitrary files, and possibly read and write portions of arbitrary files, via a crafted session id in a cookie.
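The class of bug described above, shown as an added illustration rather than CherryPy's own code: a file-backed session store that builds a path from the cookie's session id, next to a hardened lookup that validates the id and checks containment. All names, the `session-` prefix, the 40-hex-character id format and the sample values are assumptions made for this sketch.

```python
import os
import re

SESSION_PREFIX = "session-"            # assumed file-name prefix
SID_RE = re.compile(r"[0-9a-f]{40}")   # assumed format of server-issued ids

# Constructed sample values, not taken from the advisory.
STORE = "/srv/app/sessions"
GOOD_SID = "0123456789abcdef0123456789abcdef01234567"
BAD_SID = "x/../../other/file"


def unsafe_session_path(storage_dir, sid):
    """Flawed pattern: the cookie value is joined into the path unchecked."""
    return os.path.join(storage_dir, SESSION_PREFIX + sid)


def escapes(storage_dir, path):
    """True if the resolved path lies outside the storage directory."""
    root = os.path.realpath(storage_dir)
    return os.path.commonpath([root, os.path.realpath(path)]) != root


def safe_session_path(storage_dir, sid):
    """Accept only ids in the server's own format, then verify containment."""
    if not SID_RE.fullmatch(sid):
        raise ValueError("malformed session id")
    path = os.path.join(os.path.realpath(storage_dir), SESSION_PREFIX + sid)
    if escapes(storage_dir, path):      # defence in depth, e.g. symlinks
        raise ValueError("session path escapes storage directory")
    return path


if __name__ == "__main__":
    for sid in (GOOD_SID, BAD_SID):
        unsafe = unsafe_session_path(STORE, sid)
        print("unsafe:", os.path.realpath(unsafe),
              "escapes" if escapes(STORE, unsafe) else "contained")
        try:
            print("safe:  ", safe_session_path(STORE, sid))
        except ValueError as exc:
            print("safe:   rejected,", exc)
```

The format check alone stops the traversal; the containment check is kept as a second layer in case the storage directory itself contains symlinks.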
Remediation
References