Vulnerability Details CVE-2019-17199
www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory Traversal (for reading arbitrary files) because of an unanchored regular expression, as demonstrated by the a.jpg\.. substring.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.577
EPSS Ranking 98.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2019-17199
-
cpe:2.3:a:webpagetest:webpagetest:19.04
-
cpe:2.3:o:microsoft:windows:-