GlassFish Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2017-1000028 - Vulnerability Database

GlassFish

GlassFish Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2017-1000028

High

Reference: CVE-2017-1000028

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2017-1000028

Title: GlassFish Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability

Overview:

Oracle GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability that can be exploited by issuing a specially crafted HTTP GET request.