Description
A path traversal vulnerability in servey version < 3 allows an attacker to read content of any arbitrary file.
Remediation
References
https://hackerone.com/reports/355501
Related Vulnerabilities
CVE-2020-28168 Vulnerability in maven package org.webjars.bowergithub.axios:axios
CVE-2020-15231 Vulnerability in maven package org.mapfish.print:print-servlet
CVE-2020-28499 Vulnerability in maven package org.webjars.npm:merge
CVE-2019-15477 Vulnerability in maven package org.jooby:jooby
CVE-2020-25711 Vulnerability in maven package org.infinispan:infinispan-server-runtime