Jehovahs Witnesses JW Library App org.jw.jwlibrary.mobile.activity.SiloContainer path traversal

A vulnerability has been found in Jehovahs Witnesses JW Library App up to 15.5.1 on Android. Affected is an unknown function of the component org.jw.jwlibrary.mobile.activity.SiloContainer. Such manipulation leads to path traversal. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

对路径名的限制不恰当(路径遍历)

Jehovahs Witnesses JW Library App 路径遍历漏洞

Jehovahs Witnesses JW Library App是美国Jehovahs Witnesses公司的一个手机应用程序。 Jehovahs Witnesses JW Library App 15.5.1及之前版本存在路径遍历漏洞，该漏洞源于组件org.jw.jwlibrary.mobile.activity.SiloContainer存在路径遍历问题，可能需要本地访问。

N/A

N/A