We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
可以通过http://192.168.3.2/#/123/../.. 这样的方式访问到根目录的上层文件夹,相当于将系统文件全部暴露,只是无法下载,但是仍可查看目录文件名等信息
The text was updated successfully, but these errors were encountered:
可以解决一下吗?
Sorry, something went wrong.
3.1版本也可以通过 #/../ 访问上级目录
权限设定为"::|admin:admin:rwd"后,匿名访问仍不受限制。
目前可行的解决办法是回退旧版本
No branches or pull requests
可以通过http://192.168.3.2/#/123/../.. 这样的方式访问到根目录的上层文件夹,相当于将系统文件全部暴露,只是无法下载,但是仍可查看目录文件名等信息
The text was updated successfully, but these errors were encountered: