Maven package
com.xuxueli/xxl-conf-admin
pkg:maven/com.xuxueli/xxl-conf-admin
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-20094 | Hig | 7.5 | <= 1.6.0 | — | Dec 12, 2018 | An issue was discovered in XXL-CONF 1.6.0. There is a path traversal vulnerability via ../ in the keys parameter that can download any configuration file, related to ConfController.java and PropUtil.java. |
- affected <= 1.6.0
An issue was discovered in XXL-CONF 1.6.0. There is a path traversal vulnerability via ../ in the keys parameter that can download any configuration file, related to ConfController.java and PropUtil.java.