Description In IIS, remote attackers can obtain source code for ASP files by appending "::$DATA" to the URL. Remediation References CVE-1999-0278 Related Vulnerabilities XWiki Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-37913) XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-45134) Play Framework Data Amplification Vulnerability (CVE-2020-28923) MySQL CVE-2020-14771 Vulnerability (CVE-2020-14771) MySQL CVE-2023-21950 Vulnerability (CVE-2023-21950) Severity Medium Classification CVE-1999-0278 Tags Missing Update Known Vulnerabilities