Jbalanza

**Name of the Vulnerable Software and Affected Versions** Ivanti Avalanche version 6.3.4.153 **Description** The issue is related to a Directory Traversal vulnerability in the javax.faces.resource component, which can be exploited by a remote authenticated attacker to obtain sensitive information. This vulnerability is due to incorrect restriction of the directory path name with limited access. **Recommendations** For Ivanti Avalanche version 6.3.4.153, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Titan FTP server versions 19.0 and below **Description** The issue allows users to be redirected to any target URL, which could potentially be exploited. **Recommendations** For versions 19.0 and below, update to a version above 19.0 to resolve the issue.