3.3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
5.3%
The default configuration of javax.servlet.context.tempdir in Apache
Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded
files, which allows local users to overwrite arbitrary files via an
unspecified symlink attack.
Author | Note |
---|---|
mdeslaur | version 1.3 added documentation notes that a directory should be specified when using the API. this isn’t worth fixing in stable releases |