Environment
Filr 3.0
Situation
A path traversal vulnerability in the web application component of Micro Focus Filr 3.0 allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server.
Resolution
This will be addressed by applying Filr 3.0 Security Update 6.
Status
Security AlertAdditional Information
This vulnerability was discovered and researched by Matias Choren from SecureAuth.