CVE-2019-14362

2019-07-2817:26:06

mitre

www.cve.org

5.3 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.4%

JSON

Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traversal. This vulnerability could allow remote authenticated attackers to replace a file on the server via the getAttachmentDirectoryForNewAttachment inpKey value.

References

grep.blog/directory-traversal-openbravo/

issues.openbravo.com/view.php?id=41413

www.sitincloud.com/securite/directory-traversal-openbravo-erp/