CVE-2017-16145
CVE-2017-16145 describes a directory traversal vulnerability in the sspa server for single-page apps. The issue arises because sspa resolves relative file paths, allowing an attacker to access files outside the intended directory by requests containing sequences like ../../. The impact is potenti...