Описание
An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the background, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass it.
An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the background, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass it.
EPSS
Процентиль: 79%
0.01283
Низкий
CVE ID
Связанные уязвимости
CVSS3: 9.8
nvd
больше 5 лет назад
An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the background, a directory traversal check is performed on the input path parameter, but the startsWith function can be used to bypass it.
EPSS
Процентиль: 79%
0.01283
Низкий