Path Traversal
There is a path traversal vulnerability via ../ in the keys parameter. An attacker could download any configuration file, related to ConfController.java and PropUtil.java.
Advisories for Maven/Com.xuxueli/Xxl-Conf-Admin package
2018
There is a path traversal vulnerability via ../ in the keys parameter. An attacker could download any configuration file, related to ConfController.java and PropUtil.java.