A path traversal vulnerability was discovered in the Java versions of multiple CData products when using the embedded Jetty server, allowing remote attackers to potentially access sensitive information and perform limited actions on the system.  The vulnerability arises from the interplay between how the embedded Jetty server and CData servlets handle incoming requests, creating a … Continue reading Multiple CData Vulnerabilities Let Attackers Bypass Security Restrictions