apache-mime4j-storage is vulnerable to Information Disclosure. The vulnerability exists due to insecure default temporary file configuration in the createStorageOutputStream
function in TempFileStorageProvider.java
, which creates a file with the permissions -rw-r--r--
, allowing an attacker to read the content of the file.