Description
FUXA <= 1.1.12 is vulnerable to Local via Inclusion via /api/download.
Remediation
References
https://github.com/frangoteam/FUXA
https://github.com/MateusTesser/CVE-2023-31718
https://youtu.be/VCQkEGntN04
Related Vulnerabilities
CVE-2021-21141 Vulnerability in maven package org.webjars.npm:electron
CVE-2023-40037 Vulnerability in maven package org.apache.nifi:nifi-jms-processors
CVE-2023-36542 Vulnerability in maven package org.apache.nifi:nifi-hikari-dbcp-service
CVE-2021-41248 Vulnerability in npm package graphiql
CVE-2020-2246 Vulnerability in maven package org.jenkins-ci.plugins:valgrind