AI Score
Confidence
High
EPSS
Percentile
35.6%
In Eclipse Kura versions up to 4.0.0, the SkinServlet did not checked the path passed during servlet call, potentially allowing path traversal in get requests for a limited number of file types.
www.securityfocus.com/bid/107844
bugs.eclipse.org/bugs/show_bug.cgi?id=545835