The TOTVS Fluig platform allows path traversal through the parameter "file = .. /" encoded in base64. This affects all versions Fluig Lake 1.7.0, Fluig 1.6.5 and Fluig 1.6.4
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-03-05T15:50:35

Updated: 2024-08-04T16:48:01.535Z

Reserved: 2020-11-27T00:00:00

Link: CVE-2020-29134

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-03-05T16:15:12.740

Modified: 2024-11-21T05:23:39.997

Link: CVE-2020-29134

cve-icon Redhat

No data.