CVE-2017-18354

Publication date

2018-12-17 06:00:00

Family

mitre

State

PUBLISHED

Description

Rendertron 1.0.0 allows for alternative protocols such as file:// introducing a Local File Inclusion (LFI) bug where arbitrary files can be read by a remote attacker.