2 matches found
CVE-2024-23673
CVE-2024-23673 concerns a path-traversal vulnerability in Apache Sling Servlets Resolver. The issue affects all versions prior to 2.11.0, with exploitation dependent on system configuration; a user with write access to the repository could trick the resolver into loading a previously uploaded scr...
CVE-2024-23673 Apache Sling Servlets Resolver: Malicious code execution via path traversal
Malicious code execution via path traversal in Apache Software Foundation Apache Sling Servlets Resolver.This issue affects all version of Apache Sling Servlets Resolver before 2.11.0. However, whether a system is vulnerable to this attack depends on the exact configuration of the system. If the...