Directory Traversal Vulnerability in mee-admin 1.5 Allows Arbitrary File Reading
CVE-2023-42280 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mee-admin 1.5 is vulnerable to Directory Traversal. The download method in the CommonFileController.java file does not verify the incoming data, resulting in arbitrary file reading.
Learn more about our Web Application Penetration Testing UK.