Page History
...
- [HIGH SEVERITY] The XMLUI "themes/" path is vulnerable to a full directory traversal using [any-two-or-more-chars]:[any-full-file-path]. ( DS-3094 - requires a JIRA account to access .) This means that ANY files on your system which are readable to the Tomcat user account may be publicly accessed via your DSpace website.
...
Overview
Content Tools