CVE-2023-42280
CVE-2023-42280 affects mee-admin 1.5. The vulnerability is in the download method of the CommonFileController.java, where incoming data is not verified, enabling arbitrary file reading via directory traversal. This is described consistently across multiple sources (NVD/Red Hat/PRion/CNNVD/CVELIST...