Описание
Duplicate Advisory: elFinder vulnerable to path traversal in LocalVolumeDriver connector
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-wm5g-p99q-66g4. This link is maintained to preserve external references.
Original Description
_joinPath in elFinderVolumeLocalFileSystem.class.php in elFinder before 2.1.62 allows path traversal in the PHP LocalVolumeDriver connector.
Пакеты
Наименование
studio-42/elfinder
composer
Затронутые версииВерсия исправления
< 2.1.62
2.1.62