{"id":"CVE-2017-15363","details":"Directory traversal vulnerability in public/examples/resources/getsource.php in Luracast Restler through 3.0.0, as used in the restler extension before 1.7.1 for TYPO3, allows remote attackers to read arbitrary files via the file parameter.","aliases":["GHSA-rvmg-xc29-rvxf"],"modified":"2025-11-20T10:38:15.905577Z","published":"2017-10-15T19:29:00.217Z","references":[{"type":"ADVISORY","url":"https://extensions.typo3.org/extension/restler/"},{"type":"ADVISORY","url":"https://extensions.typo3.org/extension/download/restler/1.7.1/zip/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/luracast/restler","events":[{"introduced":"0"},{"fixed":"e82d5622f5a1798c3c208867184a469fb4fd445c"}]}],"versions":["3.0.0-RC1","3.0.0-RC2","3.0.0-RC3","3.0.0-RC4"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-15363.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}