CVE-2016-6126
IBM Kenexa LMS on Cloud (versions 13.1–13.2.4) is affected by CVE-2016-6126 due to inadequate input validation that allows remote attackers to traverse directories via crafted URLs containing /.. sequences, enabling viewing arbitrary system files. The issue is a directory traversal in the web ser...