CVE-2016-5941

IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing dot dot sequences (/../) to view arbitrary files on the system.

Date published : 2017-02-01

http://www.securityfocus.com/bid/95438

http://www.ibm.com/support/docview.wss?uid=swg21992072