Filedownloader
1 CVEs
product
Monthly
util/FileDownloadUtils.java in FileDownloader 1.7.3 does not check an attachment's name. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Java
Path Traversal
Filedownloader
NVD
GitHub
CVSS 3.0
9.8
EPSS
2.1%
EPSS 2%
CVSS 9.8
CRITICAL
Act Now
util/FileDownloadUtils.java in FileDownloader 1.7.3 does not check an attachment's name. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Java
Path Traversal
Filedownloader
NVD
GitHub