Sahi pro 7.x/8.x directory traversal vulnerability

Summary

Sahi is a business based open source Web application automation test tool owned by Tyto Software.The vulnerability stems from the failure of a network system or product to properly filter specific elements in a resource or file path.An attacker can use this vulnerability to access locations outside the restricted directory.


Solution

At present, the manufacturer does not provide the repair plan, please pay attention to the manufacturer's home page:

https://sahipro.com/