Description
Path traversal in buttle module versions <= 0.2.0 allows to read any file in the server.
Remediation
References
https://hackerone.com/reports/358112
Related Vulnerabilities
CVE-2023-34235 Vulnerability in npm package @strapi/database
CVE-2020-28480 Vulnerability in maven package org.webjars.npm:jointjs
CVE-2018-20822 Vulnerability in npm package node-sass
CVE-2023-26143 Vulnerability in npm package blamer
CVE-2020-12827 Vulnerability in maven package org.webjars.npm:mjml