CVE-2017-8115

2017-04-2519:59:00

Google

osv.dev

6.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

46.7%

JSON

Directory traversal in setup/processors/url_search.php (aka the search page of an unused processor) in MODX Revolution 2.5.7 might allow remote attackers to obtain system directory information.

References

github.com/modxcms/revolution/issues/13432

github.com/modxcms/revolution/pull/13433