CVE-2016-4314

2017-02-16T21:59:12
ID CVE-2016-4314
Type cve
Reporter NVD
Modified 2017-02-17T12:42:32

Description

Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the logFile parameter to downloadgz-ajaxprocessor.jsp.