5b0e45a
Better fix for #669
f48f356
In /nodes/ui_base.js, the URL is matched with '/ui_base/js/*' and then passed to path.join.
The lack of verification of the final path leads to a path traversal vulnerability.
We can use this vulnerability to read sensitive data on the server, such as settings.js.
What are the steps to reproduce?
What happens?
The server returns the passwd file content
What do you expect to happen?
404
Please tell us about your environment:
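The check the report says is missing, shown as an added example (not the project's code or its actual fix): it contrasts joining the wildcard segment directly with resolving it and confirming the final path stays under the static root. `BASE_DIR`, the function names and the sample requests are assumptions constructed for illustration, and the input is assumed to be the already URL-decoded wildcard value.

```javascript
const path = require('path');

// Assumed static root for this example; not the project's real directory.
const BASE_DIR = path.resolve('/opt/app/dist/js');

// Pattern described in the report: the wildcard part of the URL goes
// straight into path.join, which collapses ".." segments but does not
// confine the result to BASE_DIR.
function unsafeResolve(requested) {
  return path.join(BASE_DIR, requested);
}

// Hardened form: resolve first, then verify the final path.
// Returns the absolute file path, or null when the route should answer 404.
function safeResolve(requested) {
  if (typeof requested !== 'string' || requested.includes('\0')) return null;
  const full = path.resolve(BASE_DIR, requested);
  // path.relative avoids the prefix pitfall of full.startsWith(BASE_DIR),
  // which would accept a sibling such as /opt/app/dist/js-backup.
  const rel = path.relative(BASE_DIR, full);
  const escapes = rel === '..' || rel.startsWith('..' + path.sep) || path.isAbsolute(rel);
  if (rel === '' || escapes) return null; // root itself or outside it
  return full;
}

// Constructed sample requests (values after the '/ui_base/js/' prefix).
const SAMPLES = [
  'app.min.js',
  'lib/../app.min.js',
  '../../settings.js',
  '../js-backup/app.min.js',
  '/etc/passwd',
  '',
];

// Build a comparison table: what each variant would hand to the file server.
function compare(samples) {
  return samples.map((s) => ({
    requested: s,
    unsafe: unsafeResolve(s),
    safe: safeResolve(s),
  }));
}

for (const row of compare(SAMPLES)) {
  console.log(JSON.stringify(row));
}
```

In an Express handler, a `null` result maps to `res.sendStatus(404)`, which is the behaviour the report expects.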