CVE-2019-8982

2019-02-21T14:29:00
ID CVE-2019-8982
Type cve
Reporter cve@mitre.org
Modified 2019-02-21T19:56:00

Description

com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value, leading to disclosure of local files and SSRF.