Description

A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method could lead to information disclosure of arbitrary local files.

Remediation

References

CVE-2018-1047

Related Vulnerabilities

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31048)

MySQL CVE-2015-0382 Vulnerability (CVE-2015-0382)

WordPress Plugin Post Views Count (Support caching plugins!) Cross-Site Scripting (3.0.2)

WordPress Plugin Stockdio Historical Chart Cross-Site Scripting (2.7.2)

SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17302)

Severity

Medium

Classification

CVE-2018-1047 CWE-22 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities