Getrailo: >> Railo >> 3.2.1.006 Security Vulnerabilities
A File Inclusion vulnerability exists in Railo 4.2.1 and earlier via a specially-crafted URL request to the thumbnail.cfm to specify a malicious PNG file, which could let a remote malicious user obtain sensitive information or execute arbitrary code.
CVSS Score
8.8
EPSS Score
0.653
Published
2020-02-07