Description
Path Traversal vulnerability in module m-server <1.4.1 allows malicious user to access unauthorized content of any file in the directory tree e.g. /etc/passwd by appending slashes to the URL request.
Remediation
References
https://hackerone.com/reports/319795
Related Vulnerabilities
CVE-2022-29161 Vulnerability in maven package org.xwiki.platform:xwiki-platform-crypto
CVE-2022-25758 Vulnerability in npm package scss-tokenizer
CVE-2018-20677 Vulnerability in maven package org.webjars.bower:bootstrap
CVE-2021-23363 Vulnerability in npm package kill-by-port
CVE-2022-22984 Vulnerability in npm package snyk-docker-plugin