Directory Traversal Vulnerability in Novell Filr Email-Template Feature

Directory Traversal Vulnerability in Novell Filr Email-Template Feature

CVE-2016-1610 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Directory traversal vulnerability in the email-template feature in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote attackers to bypass intended access restrictions and write to arbitrary files via a .. (dot dot) in a blob name.

Learn more about our Web Application Penetration Testing UK.