CVE-2011-1589

Published April 29th, 2011

View on NVD ↗

CVSS v3

N/A

CVSS v2

MEDIUM

Affected

PROJECT

Description

Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI.

mojolicious/mojo

:sparkles: Mojolicious - Perl real-time web framework

GitHub

2.74K