Foswiki · Foswiki · CVE-2023-24698
**Name of the Vulnerable Software and Affected Versions**
Foswiki versions 2.1.7 and below
**Description**
Insufficient parameter validation in the Foswiki::Sandbox component allows attackers to perform a directory traversal via supplying a crafted web request.
**Recommendations**
For versions 2.1.7 and below, update to a version above 2.1.7 to resolve the issue.
As a temporary workaround, consider restricting access to the Foswiki::Sandbox component until a patch is available.