Описание
Relative Path Traversal in GitHub repository stitionai/devika prior to -.
Relative Path Traversal in GitHub repository stitionai/devika prior to -.
Связанные уязвимости
CVSS3: 7.5
nvd
больше 1 года назад
The application zips all the files in the folder specified by the user, which allows an attacker to read arbitrary files on the system by providing a crafted path. This vulnerability can be exploited by sending a request to the application with a malicious snapshot_path parameter.