Uberfire

DATE	CVE	VULNERABILITY TITLE	RISK
2015-02-20	CVE-2014-8114	Permissions, Privileges, and Access Controls vulnerability in Redhat Uberfire The UberFire Framework 0.3.x does not properly restrict paths, which allows remote attackers to (1) execute arbitrary code by uploading crafted content to FileUploadServlet or (2) read arbitrary files via vectors involving FileDownloadServlet. network redhat CWE-264	6.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.