Uploaded image for project: 'FishEye'
  1. FishEye
  2. FE-6896

Arbitrary resource forwarding vulnerability in TotalityFilter

    XMLWordPrintable

Details

    Description

      There is an arbitrary resource forwarding vulnerability in TotalityFilter. The vulnerability can be triggered via the JsonRewrite class, and can lead to execution of arbitrary JSP files or downloading configuration files under the WEB-INF.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. FE-4449 Default application files available for download via the application server.

          • Low - Low priority issues
          • Closed
          was cloned as

          Bug - A problem which impairs or prevents the functions of the product. CRUC-8052 Arbitrary resource forwarding vulnerability in TotalityFilter

          • Medium - Medium priority issues
          • Closed

          Activity

            People

              Unassigned Unassigned
              pswiecicki Piotr Swiecicki
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: