What the vulnerability does
01Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Harmonic Design HDForms hdforms allows Path Traversal.This issue affects HDForms: from n/a through <= 1.6.1.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
What the vulnerability does
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Harmonic Design HDForms hdforms allows Path Traversal.This issue affects HDForms: from n/a through <= 1.6.1.
Explanation of Vulnerability in Simple Terms
HDForms versions 1.6.1 and earlier contain a path traversal vulnerability that allows an unauthenticated attacker to make the server unavailable by sending specially crafted requests. The vulnerability does not require user interaction and can be exploited over the network. Sites running affected versions should update immediately.
What an attacker can do
Make the site unavailable by triggering a denial-of-service condition through path traversal.
Potential impact on your site
Your site could become unavailable if an attacker exploits this vulnerability without warning.
Conditions required to exploit
Network access only; no authentication or user interaction required.
Key dates
External resources