PT-2017-16654 · Apache +2 · Apache Batik +2
Name of the Vulnerable Software and Affected Versions: Apache Batik versions prior to 1.9 Description: The issue allows arbitrary users to reveal files on the server's filesystem by sending maliciously formed SVG files. The types of files that can be accessed depend on the user context in which t...