CVE-2013-1645

Open-xchange Server - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the publication template path.

Exploits (1)

exploitdb WRITEUP
webappsjava
https://www.exploit-db.com/exploits/24791

References (1)

Scores

EPSS 0.0219
EPSS Percentile 84.4%

Details

CWE
CWE-22
Status published
Products (3)
open-xchange/open-xchange_server 6.20.7
open-xchange/open-xchange_server 6.22.0
open-xchange/open-xchange_server 6.22.1
Published Sep 05, 2013
Tracked Since Feb 18, 2026