The vulnerability of the library for processing HTTP requests in the HTTP_Request2 VPN-client Tunnelblick, related to the disclosure of information through test directories, allows a perpetrator to carry out XSS attacks and elevate their privileges to the root level.
The vulnerability of the library for processing HTTP requests in the HTTPRequest2 VPN-client Tunnelblick component is related to the disclosure of information through the tests/network/getparameters.php and tests/network/postparameters.php directories. Exploiting this vulnerability allows a remot...