Directory Traversal Vulnerability in Liferay 5.1.0 via minifierBundleDir Parameter

Directory Traversal Vulnerability in Liferay 5.1.0 via minifierBundleDir Parameter

CVE-2016-6517 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Directory traversal vulnerability in Liferay 5.1.0 allows remote attackers to have unspecified impact via a %2E%2E (encoded dot dot) in the minifierBundleDir parameter to barebone.jsp.

Learn more about our Web Application Penetration Testing UK.