Security Advisory

CVE-2025-0049

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-28 20:55:06

Last updated 2025-04-28 22:28:10

Assigner Fortra

State PUBLISHED

Description

When a Web User without Create permission on subfolders attempts to upload a file to a non-existent directory, the error message includes the absolute server path which may allow Fuzzing for application mapping. This issue affects GoAnywhere: before 7.8.0.

← Browse all CVEs View on cve.org ↗