CVE-2023-24698

Name of the Vulnerable Software and Affected Versions Foswiki versions 2.1.7 and below

Description Insufficient parameter validation in the Foswiki::Sandbox component allows attackers to perform a directory traversal via supplying a crafted web request.

Recommendations For versions 2.1.7 and below, update to a version above 2.1.7 to resolve the issue. As a temporary workaround, consider restricting access to the Foswiki::Sandbox component until a patch is available.