Description
Craft CMS before 2.6.2976 does not properly restrict viewing the contents of files in the craft/app/ folder.
Remediation
References
Related Vulnerabilities
Drupal CVE-2014-1475 Vulnerability (CVE-2014-1475)
Python Out-of-bounds Write Vulnerability (CVE-2009-4134)
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.3)
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1041)
Oracle Application Server CVE-2002-1637 Vulnerability (CVE-2002-1637)