CVE-2025-13261
CVE-2025-13261 affects lsfusion platform up to 6.1. The vulnerability is in DownloadFileRequestHandler.java (web-client/src/main/java/lsfusion/http/controller/file/DownloadFileRequestHandler.java). Manipulation of the Version argument leads to path traversal with remote exploitation possible; exp...