THREATOPS
THREAT OPSCVEs › CVE-2020-14864

CVE-2020-14864 — Oracle Business Intelligence Enterprise Edition Path Transversal

CISA KEVExploited: confirmedOracle

Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file.

Vulnerability details