CVE-2020-36240 – The ResourceDownloadRewriteRule class in Crowd before version 4.0.4, and from version 4.1. …

1 March 2021

Vuln ID: CVE-2020-36240

Published: 2021-03-01 17:15:12Z

Description: The ResourceDownloadRewriteRule class in Crowd before version 4.0.4, and from version 4.1.0 before 4.1.2 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check.

Source: NVD.NIST.GOV

Date:

1 March 2021

Categorie(s):

NVD

Tag(s):

NVD

Dropzone AI nabs $16.85M for its automated breach investigation platform25 April 2024
Millions of IPs remain infected by USB worm years after its creators left it for dead25 April 2024
What is ThreatLocker Cybersecurity Used For & How to Protect Your Digital Future?25 April 2024
Zombie worm continues to infect millions of IPs years after it was left for dead25 April 2024
How to Avoid Romance Scams 25 April 2024