CVE-2009-4665

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in nuget/CuteEditor

Identifiers

GHSA-w327-wq28-3vmf, CVE-2009-4665

Package Slug

nuget/CuteEditor

Vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Description

Directory traversal vulnerability in CuteSoft_Client/CuteEditor/Load.ashx in CuteSoft Components Cute Editor for ASP.NET allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.

Affected Versions

All versions before 6.6

Solution

Upgrade to version 6.6 or above.

Last Modified

2024-02-09

source