CVE-2019-13343

Name of the Vulnerable Software and Affected Versions Butor Portal versions prior to 1.0.27

Description The issue allows a remote anonymous user to download any file on servers running the affected software due to a Path Traversal vulnerability. This is caused by the WhiteLabelingServlet not properly sanitizing user input on the theme parameter before reusing it in a path. The path is then used without validation to fetch a file and return its raw content to the user via the "/wl?t=../../...&h=" endpoint followed by a filename.

Recommendations For versions prior to 1.0.27, update to version 1.0.27 or later to resolve the issue. As a temporary workaround, consider restricting access to the WhiteLabelingServlet or disabling the theme parameter in the /wl endpoint to minimize the risk of exploitation.