CVE-2020-5671
Arbitrary File Read in KonaWiki3 (KonaWiki3 におけるパス・トラバーサル)
Inadequate query checking allows unauthorized disclosure of information stored above the target directory published as a website by a remote attacker. By exploiting this vulnerability, arbitrary files can be obtained.
Disclosure Date
2020/11/16
Credit
stypr (@stereotype32)
Affected-Versions
KonaWiki: v3.1.1 and earlier
CWE
- CWE-22
