CVE-2017-15363

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-15363

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-15363.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-15363

Aliases

GHSA-rvmg-xc29-rvxf

Published

2017-10-15T19:29:00Z

Modified

2025-04-23T02:57:32.310457Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Directory traversal vulnerability in public/examples/resources/getsource.php in Luracast Restler through 3.0.0, as used in the restler extension before 1.7.1 for TYPO3, allows remote attackers to read arbitrary files via the file parameter.

References

Affected packages

Git / github.com/luracast/restler

Affected ranges

Type: GIT
Repo: https://github.com/luracast/restler
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

e82d5622f5a1798c3c208867184a469fb4fd445c

Affected versions

3.*

3.0.0-RC1

3.0.0-RC2

3.0.0-RC3

3.0.0-RC4