RETIRED: Agavi 'cmplang' Parameter Directory Traversal Vulnerability

RETIRED: Agavi 'cmplang' Parameter Directory Traversal Vulnerability

Agavi is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks.

Agavi 1.0.0 beta 5 is vulnerable; other versions may also be affected.

NOTE: This BID is being retired because the issue described affects specific, custom installations constructed with the Agavi framework.