CVE-2018-18809 Path traversal in Tibco JasperSoft
CVE-2018-18809 - Tibco JasperSoft is vulnerable to path traversal for remote non-authenticated user.
more ...CVE-2018-18809 - Tibco JasperSoft is vulnerable to path traversal for remote non-authenticated user.
more ...In a web application program code often are used parameters REQUEST_URI to present current URL or QUERY_STRING to present current query GET parameters. Usually those parameters are nicely converted to URL encoding and it may seem safe to use them directly in HTML document or SQL query. But "usually" does not mean "always".
more ...