CVE-2023-42280 Information

Description

mee-admin 1.5 is vulnerable to Directory Traversal. The download method in the CommonFileController.java file does not verify the incoming data resulting in arbitrary file reading.

Reference

https://github.com/zaizainani/-Vulnerability-recurrence-sorting/blob/main/anyfiledown-en.pdf