Mobile Access | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack, allowing an authenticated, malicious end-user (authorized to at least one File Share application) to list the file names of 'nobody'-accessible…

For an authenticated end-user the portal may run a script while attempting to display a directory or some file's properties.

Authenticated end-user may set a specially crafted SNX bookmark that can make their browser run a script while accessing their own bookmark list.