Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cacheservice did not correctly check if relative cache object were pointing to the defined absolute location when accessing resources. An attacker with access to the database and a local or restricted network would be able to read arbitrary local file system resources that are accessible by the services system user account. We have improved path validation and make sure that any access is contained to the defined root directory. No publicly available exploits are known.
CVSS Information
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:L
Vulnerability Type
信息暴露
Vulnerability Title
Open-Xchange AppSuite 路径遍历漏洞
Vulnerability Description
Open-Xchange AppSuite是德国Open-Xchange公司的一套Web云桌面环境。该环境允许用户更直观的管理电子邮件、任务和文件等。 Open-Xchange AppSuite存在路径遍历漏洞,该漏洞源于允许具有访问权限的攻击者读取本地的任意文件和系统资源。
CVSS Information
N/A
Vulnerability Type
N/A