Nuxeo - Nuxeo CVE

Filtered by vendor Nuxeo Subscribe

Filtered by product Nuxeo

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-5869	1 Nuxeo	1 Nuxeo	2017-08-16	6.5 MEDIUM	8.8 HIGH
Directory traversal vulnerability in the file import feature in Nuxeo Platform 6.0, 7.1, 7.2, and 7.3 allows remote authenticated users to upload and execute arbitrary JSP code via a .. (dot dot) in the X-File-Name header.

Vulnerabilities (CVE)