[OF-1860] Admin Console - Plugin Upload vulnerable to ZipSlip - IgniteRealtime JIRA

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 4.4.1
Fix Version/s: 4.4.2
Component/s: Admin Console
Labels:
- security-vulnerabitliy

Description

Seen here: https://twitter.com/javashell185/status/1166299391335878656

POC sent to security mailing list.

Attachments

Activity

People

Assignee:: Guus der Kinderen

Reporter:: Dan Caseley

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 09/10/19 01:44 PM

Updated:: 09/19/19 08:32 AM

Resolved:: 09/19/19 08:32 AM