CVE-2023-34478 | Apache Shiro up to 1.12.0/2.0.0-alpha-3 API path traversal

10月 2, 2024
8:56 pm

A vulnerability, which was classified as critical, was found in Apache Shiro up to 1.12.0/2.0.0-alpha-3. Affected is an unknown function of the component API Handler. The manipulation leads to path traversal.

This vulnerability is traded as CVE-2023-34478. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-34478 | Apache Shiro up to 1.12.0/2.0.0-alpha-3 API path traversal

Elvescore.io

Recent Posts

CVE-2024-11852 – Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) WordPress Unauthenticated Data Access Vulnerability

CVE-2024-12884 – Codezips E-Commerce Website SQL Injection

CVE-2024-51463 – IBM i SSRF

CVE-2024-51464 – IBM Navigator for i Access Bypass Vulnerability

CVE-2024-12883 – Code-projects Job Recruitment Cross Site Scripting

CVE-2024-12875 – Easy Digital Downloads WordPress Directory Traversal Vulnerability

CVE-2023-34478 | Apache Shiro up to 1.12.0/2.0.0-alpha-3 API path traversal

CVE-2023-34478 | Apache Shiro up to 1.12.0/2.0.0-alpha-3 API path traversal