Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2008-4359 - Vulnerability Database
Lighttpd

Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2008-4359

High
Reference: CVE-2008-4359
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2008-4359
Title: Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding which might allow remote attackers to bypass intended access restrictions and obtain sensitive information or possibly modify data.