Vulnerabilities > Eclipse > Remote Application Platform

DATE CVE VULNERABILITY TITLE RISK
2023-09-21 CVE-2023-4760 Path Traversal vulnerability in Eclipse Remote Application Platform
In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, Remote Code Execution is possible on Windows when using the FileUpload component. The reason for this is a not completely secure extraction of the file name in the FileUploadProcessor.stripFileName(String name) method.
network
low complexity
eclipse CWE-22
critical
9.8