2018-07-19 22:00:00
redhat
PUBLISHED
redhat-certification does not properly restrict files that can be download through the /download page. A remote attacker may download any file accessible by the user running httpd.