CVE-2022-36982
CVE-2022-36982 affects Ivanti Avalanche 6.3.3.101. The flaw is in the AgentTaskHandler and stems from inadequate validation of a user-supplied path before file operations, enabling a path-traversal-like disclosure of arbitrary files and stored session cookies. Authentication is required to exploi...