CVE-2024-42499 Information

Description

Improper limitation of a pathname to a restricted directory (‘Path Traversal’) issue exists in FitNesse releases prior to 20241026. If this vulnerability is exploited an attacker may be able to know whether a file exists at a specific path and/or obtain some part of the file contents under specific conditions.

Reference

https://github.com/unclebob/fitnesse/releases/tag/20241026 https://fitnesse.org/FitNesseDownload https://jvn.jp/en/jp/JVN36791327/