GHSA-GGQ8-J54V-54X8 Directory Traversal in sspa

Affected versions of sspa resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system. Example...

Directory Traversal in sspa

Affected versions of sspa resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system. Example...

CVE-2017-16145

sspa is a server dedicated to single-page apps. sspa is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

Directory traversal

sspa is a server dedicated to single-page apps. sspa is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

CVE-2017-16145

sspa is a server dedicated to single-page apps. sspa is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

CVE-2017-16145

CVE-2017-16145 describes a directory traversal vulnerability in the sspa server for single-page apps. The issue arises because sspa resolves relative file paths, allowing an attacker to access files outside the intended directory by requests containing sequences like ../../. The impact is potenti...