Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the removeUnusedAttributeView process. An attacker can delete arbitrary .json files within the workspace by supplying crafted path traversal sequences in the id parameter, allowing removal of files outside the...

Ivanti Avalanche目录遍历漏洞

SSD Advisory – Ivanti Avalanche Directory Traversal May 11, 2021 SSD Disclosure / Technical Lead Uncategorized TL;DR Find out how a directory traversal vulnerability in Ivanti Avalanche allows remote unauthenticated user to access files that reside outside the ‘image’ folder. Vulnerability Summar...