CVE-2018-19586
Silverpeas 5.15–6.0.2 is affected by an authenticated Directory Traversal vulnerability triggered during file uploads due to core/webapi/upload/FileUploadData.java mishandling a StringUtil.java call. The flaw allows regular users to write arbitrary files on the underlying system with the applicat...