10 matches found
EUVD-2020-30937
OpenCTI 3.3.1 is vulnerable to a directory traversal attack via the static/css endpoint. An unauthenticated attacker can read arbitrary files from the filesystem by sending crafted GET requests with path traversal sequences e.g., '../' in the URL. For example, requesting...
PYSEC-2026-114
OpenCTI 3.3.1 is vulnerable to a directory traversal attack via the static/css endpoint. An unauthenticated attacker can read arbitrary files from the filesystem by sending crafted GET requests with path traversal sequences e.g., '../' in the URL. For example, requesting...
CVE-2020-37041
OpenCTI 3.3.1 is vulnerable to a directory traversal attack via the static/css endpoint. An unauthenticated attacker can read arbitrary files from the filesystem by sending crafted GET requests with path traversal sequences e.g., '../' in the URL. For example, requesting...
CVE-2020-37041
OpenCTI 3.3.1 is vulnerable to a directory traversal attack via the static/css endpoint. An unauthenticated attacker can read arbitrary files from the filesystem by sending crafted GET requests with path traversal sequences e.g., '../' in the URL. For example, requesting...
PYSEC-2026-114
OpenCTI 3.3.1 is vulnerable to a directory traversal attack via the static/css endpoint. An unauthenticated attacker can read arbitrary files from the filesystem by sending crafted GET requests with path traversal sequences e.g., '../' in the URL. For example, requesting...
CVE-2020-37041
OpenCTI 3.3.1 is vulnerable to a directory traversal attack via the static/css endpoint. An unauthenticated attacker can read arbitrary files from the filesystem by sending crafted GET requests with path traversal sequences e.g., '../' in the URL. For example, requesting...
CVE-2020-37041 OpenCTI 3.3.1 - Directory Traversal
OpenCTI 3.3.1 is vulnerable to a directory traversal attack via the static/css endpoint. An unauthenticated attacker can read arbitrary files from the filesystem by sending crafted GET requests with path traversal sequences e.g., '../' in the URL. For example, requesting...
CVE-2020-37041
CVE-2020-37041 is confirmed in OpenCTI 3.3.1 to have a directory traversal vulnerability via the /static/css endpoint. An unauthenticated attacker can read arbitrary filesystem files by crafting GET requests containing path traversal sequences (for example, /static/css//../../../../../../../../et...
CVE-2020-37041 OpenCTI 3.3.1 - Directory Traversal
OpenCTI 3.3.1 is vulnerable to a directory traversal attack via the static/css endpoint. An unauthenticated attacker can read arbitrary files from the filesystem by sending crafted GET requests with path traversal sequences e.g., '../' in the URL. For example, requesting...
PT-2026-5481
Name of the Vulnerable Software and Affected Versions OpenCTI version 3.3.1 Description OpenCTI version 3.3.1 is susceptible to a directory traversal issue through the static/css endpoint. An unauthenticated attacker can access arbitrary files on the filesystem by submitting specially crafted GET...