{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T20:36:25.779","vulnerabilities":[{"cve":{"id":"CVE-2023-4760","sourceIdentifier":"emo@eclipse.org","published":"2023-09-21T08:15:09.403","lastModified":"2024-11-21T08:35:55.317","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, Remote Code Execution is possible on Windows when using the FileUpload component.\n\n\n\n\n\n\nThe reason for this is a not completely secure extraction of the file name in the FileUploadProcessor.stripFileName(String name) method. As soon as this finds a / in the path, everything before it is removed, but potentially \\ (backslashes) coming further back are kept.\n\nFor example, a file name such as /..\\..\\webapps\\shell.war can be used to upload a file to a Tomcat server under Windows, which is then saved as ..\\..\\webapps\\shell.war in its webapps directory and can then be executed.\n\n\n"},{"lang":"es","value":"En las versiones de Eclipse RAP desde 3.0.0 hasta 3.25.0 incluida, la Ejecución Remota de Código es posible en Windows cuando se utiliza el componente FileUpload. La razón de esto es una extracción no completamente segura del nombre del archivo en el método FileUploadProcessor.stripFileName(String name). Tan pronto como esto encuentre una/en la ruta, todo lo anterior se elimina, pero potencialmente \\ (barras invertidas) que vienen más atrás se mantienen. Por ejemplo, se puede utilizar un nombre de archivo como /..\\..\\webapps\\shell.war para cargar un archivo en un servidor Tomcat en Windows, que luego se guarda como ..\\..\\webapps\\shell.war. en su directorio webapps y luego se puede ejecutar.\n"}],"metrics":{"cvssMetricV31":[{"source":"emo@eclipse.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"emo@eclipse.org","type":"Secondary","description":[{"lang":"en","value":"CWE-22"},{"lang":"en","value":"CWE-23"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:eclipse:remote_application_platform:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndIncluding":"3.25.0","matchCriteriaId":"11B55478-B8C8-47E0-B87D-7A02BB498FCD"}]}]}],"references":[{"url":"https://github.com/eclipse-rap/org.eclipse.rap/pull/141","source":"emo@eclipse.org","tags":["Issue Tracking","Patch"]},{"url":"https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/160","source":"emo@eclipse.org","tags":["Exploit","Issue Tracking"]},{"url":"https://github.com/eclipse-rap/org.eclipse.rap/pull/141","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch"]},{"url":"https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/160","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking"]}]}}]}