CVE-2018-14371

Published
View on NVD ↗
CVSS v3
N/A
CVSS v2
5
MEDIUM
Affected
2
PROJECTS

Description

The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. A remote attacker can download configuration files or Java bytecodes from applications.

javaserverfaces/mojarra
javaserverfaces/mojarra
Legacy home of the Mojarra Project. You can click the site link below to go to the active Mojarra project under Eclipse Foundation
GitHubGitHub
5
eclipse-ee4j/mojarra
eclipse-ee4j/mojarra
Mojarra, a Jakarta Faces implementation
GitHubGitHub
184