What the vulnerability does
01Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in themezaa Litho litho allows Path Traversal.This issue affects Litho: from n/a through <= 3.0.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
What the vulnerability does
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in themezaa Litho litho allows Path Traversal.This issue affects Litho: from n/a through <= 3.0.
Explanation of Vulnerability in Simple Terms
Litho versions 3.0 and earlier contain a path traversal vulnerability that allows an attacker to cause a denial of service by making the application unavailable. The vulnerability requires no authentication or user interaction and can be exploited over the network. The impact extends beyond the vulnerable component itself.
What an attacker can do
Make the Litho application unavailable or unresponsive by exploiting a path traversal flaw.
Potential impact on your site
Your site using Litho may become unavailable or experience service disruption without warning.
Conditions required to exploit
Network access to the Litho application. No authentication or user interaction required.
Key dates
External resources
Related vulnerabilities