PT-2026-27209 · Unknown · Census Csweb
Published
2026-03-23
·
Updated
2026-03-23
·
CVE-2025-60946
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Census CSWeb versions prior to 8.1.0 alpha
Description
Census CSWeb 8.0.1 allows arbitrary file path input. A remote, authenticated attacker could potentially access unintended file directories.
Recommendations
Update to version 8.1.0 alpha or later.
Exploit
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Census Csweb