9.1 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
75.0%
The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability involving a request in which the name of the render file is not associated with any template file.
dev.deluge-torrent.org/wiki/ReleaseNotes/1.3.15
git.deluge-torrent.org/deluge/commit/?h=1.3-stable&id=41acade01ae88f7b7bbdba308a0886771aa582fd
www.debian.org/security/2017/dsa-3856
www.securityfocus.com/bid/99099
bugs.debian.org/862611