Posted by RedTeam Pentesting GmbH on Feb 18

Advisory: Directory Traversal and Arbitrary File Disclosure in hybris
Commerce Software Suite

During a penetration test, RedTeam Pentesting discovered a Directory
Traversal vulnerability in hybris Commerce software suite. This
vulnerability allows attackers to download arbitrary files of any size
from the affected system.

Details
=======

Product: hybris Commerce Software Suite
Affected Versions:
Release 5.3: <= 5.3.0.1…