Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Contao Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2024-45604 - Vulnerability Database
Contao

Contao Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2024-45604

Medium
Reference: CVE-2024-45604
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2024-45604
Title: Contao Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Overview:

Contao is an Open Source CMS. In affected versions authenticated users in the back end can list files outside the document root in the file selector widget. Users are advised to update to Contao 4.13.49. There are no known workarounds for this vulnerability.