漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Adobe Commerce | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
Vulnerability Description
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to a security feature bypass. An unauthenticated attacker could exploit this vulnerability to modify files that are stored outside the restricted directory. Exploitation of this issue does not require user interaction.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Adobe Commerce 路径遍历漏洞
Vulnerability Description
Adobe Commerce是美国奥多比(Adobe)公司的一种面向商家和品牌的全球领先的数字商务解决方案。 Adobe Commerce存在路径遍历漏洞,该漏洞源于容易受到路径名到受限目录的不当限制漏洞的影响,该漏洞可能导致安全功能绕过。
CVSS Information
N/A
Vulnerability Type
N/A