Vulnerability Details CVE-2023-42280
mee-admin 1.5 is vulnerable to Directory Traversal. The download method in the CommonFileController.java file does not verify the incoming data, resulting in arbitrary file reading.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.3%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2023-42280
-
cpe:2.3:a:springernature:mee-admin:1.5