Bonita BPM Path Traversal Vulnerability
Bonita BPM is an open source business process management - workflow suite. A path traversal vulnerability exists in Bonita BPM. Since the input passed to the "bonita/portal/themeResource" URL via the "theme" and "location" HTTP GET parameters is not properly validated as part of the used filename...