2018-10-08 16:00:00
mitre
PUBLISHED
Telerik Extensions for ASP.NET MVC (all versions) does not whitelist requests, which can allow a remote attacker to access files inside the servers web directory. NOTE: this product has been obsolete since June 2013.