CVE-2015-2748: Websense TRITON AP-WEB before 8.0.0 does not properly restrict access to files in explorer_wse/, which allows remote att
infovulnerability
security
Summary
Websense TRITON AP-WEB versions before 8.0.0 have a flaw where certain files in the explorer_wse/ folder are not properly protected, allowing attackers to access sensitive information like security incident reports and configuration files by making direct web requests. This is a type of access control vulnerability (a failure to properly restrict who can view certain files).
Solution / Mitigation
Update Websense TRITON AP-WEB to version 8.0.0 or later.
Vulnerability Details
CVSS Score
5
EPSS (30-day exploit probability)
EPSS: 0.3%
Classification
Attack SophisticationTrivial
Original source: https://nvd.nist.gov/vuln/detail/CVE-2015-2748
First tracked: February 15, 2026 at 08:45 PM
Classified by LLM (prompt v3) · confidence: 95%