Medium
IBM WebSphere Application Server could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to view arbitrary files on the system.
Information disclosure
IBM
Refer to IBM Security Bulletin 6356083 for patch, upgrade or suggested workaround information.
IBM Security Bulletin 6356083 (WebSphere Application Server)