The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore.
References
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2016-02-03 18:59
Updated : 2024-02-04 18:53
NVD link : CVE-2016-1505
Mitre link : CVE-2016-1505
CVE.ORG link : CVE-2016-1505
JSON object : View
Products Affected
radicale
- radicale
microsoft
- windows
CWE
CWE-21
DEPRECATED: Pathname Traversal and Equivalence Errors