Koha.KohaOpacLanguage.Cookie.Parameter.Directory.Traversal
Description
This indicates an attack attempt against a Directory Traversal vulnerability in Koha.
The vulnerability is caused by an error when the vulnerable software handles a http request with malicious KohaOpacLanguage cookie. A remote attacker can exploit this to gain unauthorized access to sensitive information.
Affected Products
Koha 3.4 before 3.4.7 and 3.6 before 3.6.1
Impact
Information Disclosure: Remote attacker can gain sensitive information from vulnerable systems.
Recommended Actions
Refer to the vendor's web site for suggested workaround.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=6629
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |