Описание
Any user can delete an arbitrary folder (recursively) on a remote server due to bad input sanitization leading to path traversal. The attacker would need access to the server at some privilege level since this endpoint is protected and requires authorization.
Ссылки
- Patch
- Exploit
- Patch
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.0 (исключая)
cpe:2.3:a:mintplexlabs:anythingllm:*:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.00694
Низкий
8.1 High
CVSS3
8.1 High
CVSS3
Дефекты
CWE-22
CWE-22
Связанные уязвимости
CVSS3: 8.1
github
почти 2 года назад
Any user can delete an arbitrary folder (recursively) on a remote server due to bad input sanitization leading to path traversal. The attacker would need access to the server at some privilege level since this endpoint is protected and requires authorization.
EPSS
Процентиль: 71%
0.00694
Низкий
8.1 High
CVSS3
8.1 High
CVSS3
Дефекты
CWE-22
CWE-22