Directory Traversal Vulnerability in Novell Filr Email-Template Feature

CVE-2016-1610

Directory traversal vulnerability in the email-template feature in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote attackers to bypass intended access restrictions and write to arbitrary files via a .. (dot dot) in a blob name.

Learn more about our Web Application Penetration Testing UK.