← Back to CVE List

CVE-2017-18354

Published: 2018-12-17T07:29Z
Last Modified: 2024-11-21T03:19Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Rendertron 1.0.0 allows for alternative protocols such as 'file://' introducing a Local File Inclusion (LFI) bug where arbitrary files can be read by a remote attacker. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt