GHSA-9jjf-4p7p-4qv4HighCVSS 7.7

Path traversal in Ivanti  Xtraction before version 2026.2.1 allows a remote authenticated...

Published
July 14, 2026
Last Modified
July 14, 2026

🔗 CVE IDs covered (1)

📋 Description

Path traversal in Ivanti  Xtraction before version 2026.2.1 allows a remote authenticated attacker to read arbitrary files outside the web root.

🔗 References (3)