CVE-2025-13261 - lsfusion platform DownloadFileRequestHandler.java DownloadFileRequestHandler pat...

CVE ID : CVE-2025-13261 Published : Nov. 17, 2025, 3:32 a.m. | 37 minutes ago Description : A vulnerability was found in lsfusion platform up to 6.1. Affected is the function DownloadFileRequestHandler of the file web-client/src/main/java/lsfusion/http/controller/file/DownloadFileRequestHandler.java. Performing manipulation of the argument Version results in path traversal. Remote exploitation of the attack is possible. The exploit has been made public and could be used. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...