CVE-2015-0933

Publication date

2015-03-04 02:00:00

Family

certcc

State

PUBLISHED

Description

Absolute path traversal vulnerability in ShareLaTeX 0.1.3 and earlier, when the paranoid openin_any setting is omitted, allows remote authenticated users to read arbitrary files via a include command.