Spring Cloud Config Server directory traversal vulnerability CVE-2020-5410
Spring Could Config Server has a directory traversal vulnerability CVE-2020-5410. The vulnerability is due to the direct splicing of the obtained name and label in the MVC architecture without any filtering. It can be performed with the base address in the configuration file. Backtrack at any position and read the file.