Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Apache Axis2 < 1.5 'xsd' Parameter Directory Traversal



The remote web server hosts a web application that is vulnerable to a directory traversal attack.


The remote web server is hosting Axis2, a web services engine.

Versions of Axis2 earlier than 1.5 are potentially affected by a directory traversal vulnerability in the 'xsd' parameter in activated services. An attacker, exploiting this flaw, can read arbitrary files on the affected host.


Upgrade to Apache Axis2 1.5 or later.