Опубликовано: 23 нояб. 2024
Источник: github
Github: Не прошло ревью
CVSS4: 8.7
CVSS3: 7.5
Описание
The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system.
The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system.
Связанные уязвимости
CVSS3: 7.5
nvd
около 1 года назад
The back-end does not sufficiently verify the user-controlled filename parameter which makes it possible for an attacker to perform a path traversal attack and retrieve arbitrary files from the file system.