VULHUB ™

Surfnet kiosk software is prone to a vulnerability that may permit kiosk users to access the underlying filesystem. Users may access the underlying filesystem by attempting to access a 'file://' URI. This violates the security model of the software and could permit malicious individuals to abuse the system hosting the software.

Surfnet kiosk software is prone to a vulnerability that may permit kiosk users to access the underlying filesystem. Users may access the underlying filesystem by attempting to access a 'file://' URI. This violates the security model of the software and could permit malicious individuals to abuse the system hosting the software.