2021-11-22 14:43:26
krcert
PUBLISHED
Using the parameter of getPFXFolderList function, attackers can see the information of authorization certification and delete the files. It occurs because the parameter contains path traversal characters(ie. ../../../)