Apache.Cocoon.Directory.Traversal
Description
It indicates an attacker attempted a Directory Traversal attack against Apache Cocoon. Apache Cocoon is vulnerable to a directory traversal attack that may allow an attacker to list directories outside the server root by using /./../ character sequences. The issue is caused because there is insufficient sanitization of user-supplied input to the filename parameter to the view-source script.
Affected Products
Apache Software Foundation Cocoon 2.2 Apache Software Foundation Cocoon 2.1
Impact
Information Leakage
Recommended Actions
Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-11 | 16.978 |