This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
The remote web server contains a Java application that is affected by
a directory traversal vulnerability.
The version of Apache Solr running on the remote web server is
affected by a directory traversal vulnerability because the
'SolrResourceLoader' class fails to restrict access to the loading of
specially crafted XLS stylesheets and velocity templates. A remote,
unauthenticated attacker can exploit this issue by crafting a URL with
directory traversal characters to access resources outside of the
See also :
Upgrade to Apache Solr version 4.6.0 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true