CVE-2024-25154
Published Mar 13, 2024
Last updated 8 months ago
Overview
- Description
- Improper URL validation leads to path traversal in FileCatalyst Direct 3.8.8 and earlier allowing an encoded payload to cause the web server to return files located outside of the web root which may lead to data leakage.
- Source
- df4dee71-de3a-4139-9588-11b62fe6c0ff
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
Weaknesses
- df4dee71-de3a-4139-9588-11b62fe6c0ff
- CWE-22
Social media
- Hype score
- Not currently trending