Path Traversal in Searchblox

CVE-2013-3598

Directory traversal vulnerability in servlet/CreateTemplateServlet in SearchBlox before 7.5 build 1 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the name parameter.

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.022 (80.0th percentile) — read the EPSS interpretation.

Affected products

  • Searchblox — versions 6.2, 6.3, 6.4
  • N/a — versions n/a

Weakness classification (CWE)

References