CVE-2015-0933

2015-03-04T02:59:00
ID CVE-2015-0933
Type cve
Reporter cve@mitre.org
Modified 2015-03-04T19:09:00

Description

Absolute path traversal vulnerability in ShareLaTeX 0.1.3 and earlier, when the paranoid openin_any setting is omitted, allows remote authenticated users to read arbitrary files via a \include command.