CVE-2017-2258

Publication date

2017-08-28 20:00:00

Family

jpcert

State

PUBLISHED

Description

Directory traversal vulnerability in Cybozu Garoon 4.2.4 to 4.2.5 allows an attacker to read arbitrary files via Garoon SOAP API "WorkflowHandleApplications".