Path traversal leads to access secrets

In Adobe Experience Manager 6.5 (AEM 6.5), an attacker can exploit Path Traversal by using special characters, bypassing security. Applying AEM 6.5 service pack 11 fixes this vulnerability.

Description description

Environment

Experience Manager 6.5

Issue/Symptoms

Specific characters can be used to get a path traversal, leading to security mechanism bypasses in applications implementing the Sling Framework.

Resolution resolution

To tackle Path traversals, apply AEM v6.5 service pack 11.

recommendation-more-help
3d58f420-19b5-47a0-a122-5c9dab55ec7f