VYPR
Medium severity4.9NVD Advisory· Published Feb 17, 2017· Updated Jun 17, 2026

CVE-2016-4314

CVE-2016-4314

Description

Directory traversal vulnerability in the LogViewer Admin Service in WSO2 Carbon 4.4.5 allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the logFile parameter to downloadgz-ajaxprocessor.jsp.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.wso2.carbon.commons:org.wso2.carbon.logging.view.uiMaven
<= 4.4.5

Affected products

1

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.