|CVSS SCORE||5, (AV:N/AC:L/Au:N/C:P/I:N/A:N)|
The specific flaw exists within com.novell.zenworks.inventory.rtr.actionclasses.wcreports. The issue lies in the failure to sanitize the path of the "dirname" variable. The attacker can leverage this to disclose the contents of folders on the system.
Novell has issued an update to correct this vulnerability. More details can be found at: