Input validation

2022-11-1622:15:00

PRIOn knowledge base

www.prio-n.com

backclick professional

improper validation

local files

tomcat server

nvd

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.7%

JSON

An issue was discovered in BACKCLICK Professional 5.9.63. Due to improper validation, arbitrary local files can be retrieved by accessing the back-end Tomcat server directly.

CPENameOperatorVersion
backclickeq5.9.63

CPE	Name	Operator	Version
	backclick	eq	5.9.63

References

www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-037.txt