RWS / dxa-web-application-java

SDL Digital Experience Accelerator Java Spring MVC web application

The application scanner has detected a vulnerability from DXA: "Path Traversal from URI". #180

Closed sivasanikommu closed 1 year ago

sivasanikommu commented 1 year ago

Using DXA version 2.2.18.

The application scanner has detected a vulnerability from DXA: "Path Traversal from URI". This originates from the following method: com.sdl.dxa.tridion.content.GenericStaticContentResolver.getStaticContentFileByPath(GenericStaticContentResolver.java:78)

Just wanted to check whether you are already aware of this vulnerability and whether a fix is available.

marksaunders commented 1 year ago

Was this resolved or the source tracked down?

dxasupport commented 1 year ago

This has been addressed in release 2.2.32.