CVE-2024-34995 Information

Description

svnWebUI v1.8.3 was discovered to contain an arbitrary file deletion vulnerability via the dirTemps parameter under com.cym.controller.UserControllerimportOver. This vulnerability allows attackers to delete arbitrary files via a crafted POST request.

Reference

https://github.com/cym1102/svnWebUI/issues/8