Galaxy Themes Path Traversal Vulnerability in SMR May-2022 Release 1

Galaxy Themes Path Traversal Vulnerability in SMR May-2022 Release 1

CVE-2022-28784 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to list file names in arbitrary directory as system user. The patch addresses incorrect implementation of file path validation check logic.

Learn more about our User Device Pen Test.