Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:2 a.m.8 views

CVE-2023-36819

Knowage is the professional open source suite for modern business analytics over traditional sources and big data systems. The endpoint /knowage/restful-services/dossier/importTemplateFile allows authenticated users to download template hosted on the server. However, starting in the 6.x.x branch...

6.5CVSS6.3AI score0.00791EPSS
Exploits1
Cvelist
Cvelist
added 2023/07/03 6:21 p.m.36 views

CVE-2023-36819 Knowage-Server vulnerable to Path traversal in download functionalities

Knowage is the professional open source suite for modern business analytics over traditional sources and big data systems. The endpoint /knowage/restful-services/dossier/importTemplateFile allows authenticated users to download template hosted on the server. However, starting in the 6.x.x branch...

6.5CVSS6.4AI score0.00791EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/07/03 6:21 p.m.11 views

CVE-2023-36819 Knowage-Server vulnerable to Path traversal in download functionalities

Knowage is the professional open source suite for modern business analytics over traditional sources and big data systems. The endpoint /knowage/restful-services/dossier/importTemplateFile allows authenticated users to download template hosted on the server. However, starting in the 6.x.x branch...

6.5CVSS6.6AI score0.00791EPSS
Exploits1References1
CVE
CVE
added 2023/07/03 6:21 p.m.41 views

CVE-2023-36819

Knowage Server suffers a path-traversal vulnerability in the download template endpoint (/knowage/restful-services/dossier/importTemplateFile_) for 6.x.x up to 8.1.7, where the templateName parameter is not sanitized, allowing crafting of ../ to escape the template directory and read arbitrary fi...

6.5CVSS6.2AI score0.00791EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder