Mongrel : Security Vulnerabilities, CVEs,
Directory traversal vulnerability in DirHandler (lib/mongrel/handlers.rb) in Mongrel 1.0.4 and 1.1.x before 1.1.3 allows remote attackers to read arbitrary files via an HTTP request containing double-encoded sequences (".%252e").
Max CVSS
6.4
EPSS Score
1.86%
Published
2008-01-03
Updated
2011-03-08
1 vulnerabilities found