Details
- Type: Bug
- Status: Closed
- Priority: Major
- Resolution: Fixed
- Engine 2.9.0
- None
Description
With the changes from SLING-10225, sling-engine started treating requests whose resource path contains %5B ([) together with multiple dots as "Invalid", since such paths could lead to path traversal and exposure of repository content.
But the same can happen with %7D (}) combined with multiple dots in the request resource path.
e.g.: http://<HOST>:<PORT>/content/we-retail/us/en/experience.html/.%7D./.%7D./.1.json would lead to exposure of the repository content stored at /content/we-retail/us
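The following is an added example, not part of this issue or of the Sling code base. It shows a defender-side check for the request shape described above (a percent-encoded bracket or brace such as %5B or %7D mixed into dot-only path segments), first as a standalone path classifier and then applied to a few constructed access-log lines so that a reviewer can see which requests an unpatched engine served. The function names, the log format regex and the sample log lines are assumptions made for this example.

```python
"""
Added example (not part of the Sling issue or the Sling code base).

classify_request_path() flags request paths in which a bracket/brace
character ([ ] { }), possibly percent-encoded one or more times, is
combined with a path segment that otherwise consists only of dots, which
is the pattern this report (and SLING-10225) describes. scan_access_log()
applies it to Common Log Format lines. All names and sample data are
assumptions constructed for this example.
"""
import re
from urllib.parse import unquote

# Characters that, mixed into dot-only segments, are the concern here.
SUSPICIOUS_CHARS = set("[]{}")


def decode_path(raw_path: str) -> str:
    """Percent-decode until the string stops changing (bounded), so that
    double-encoded forms such as %257D are normalised as well."""
    prev, cur = None, raw_path
    for _ in range(3):
        if cur == prev:
            break
        prev, cur = cur, unquote(cur)
    return cur


def classify_request_path(raw_path: str):
    """Return a short reason string when the path matches the traversal
    pattern, otherwise None. Only the path part is inspected; any query
    string is discarded first."""
    path = decode_path(raw_path.split("?", 1)[0])
    if not any(c in SUSPICIOUS_CHARS for c in path):
        return None
    for segment in path.split("/"):
        # Remove the bracket/brace characters; if only dots are left, the
        # segment is of the ".%7D." / ".%5B." shape from the report.
        stripped = "".join(c for c in segment if c not in SUSPICIOUS_CHARS)
        if stripped and set(stripped) == {"."} and stripped != segment:
            return f"dot-only segment with bracket/brace: {segment!r}"
    return None


# Common Log Format line (assumed format for the constructed sample below).
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>\S+)" (?P<status>\d{3}) (?P<size>\S+)'
)


def scan_access_log(lines):
    """Return (client_ip, path, status, reason) for every line whose request
    path matches the pattern. The status column shows whether the server
    answered the request with content or refused it."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        reason = classify_request_path(m.group("path"))
        if reason:
            hits.append((m.group("ip"), m.group("path"), m.group("status"), reason))
    return hits


# Constructed sample log lines (not real traffic); addresses are from the
# documentation ranges. The two flagged paths are the shapes the report names.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Mar/2021:10:15:02 +0000] '
    '"GET /content/we-retail/us/en/experience.html/.%7D./.%7D./.1.json HTTP/1.1" 200 5120',
    '198.51.100.4 - - [10/Mar/2021:10:15:05 +0000] '
    '"GET /content/we-retail/us/en/experience.html HTTP/1.1" 200 8811',
    '203.0.113.7 - - [10/Mar/2021:10:15:09 +0000] '
    '"GET /content/we-retail/us/en/experience.html/.%5B./.%5B./.1.json HTTP/1.1" 400 0',
    '192.0.2.9 - - [10/Mar/2021:10:16:00 +0000] '
    '"GET /content/dam/we-retail/file%5B1%5D.jpg HTTP/1.1" 200 20321',
]

if __name__ == "__main__":
    for ip, path, status, reason in scan_access_log(SAMPLE_LOG):
        print(f"{ip} {status} {path}  <- {reason}")
```

The check deliberately ignores bracket or brace characters that appear inside ordinary names (the `file%5B1%5D.jpg` line is not flagged), so it stays usable as a log-review filter rather than a blanket ban on those characters; a request that is flagged with a 2xx status is the case worth investigating, because it means the engine resolved the path instead of rejecting it.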