Description
An arbitrary file read vulnerability in ureport v2.2.9 allows a remote attacker to arbitrarily read files on the server by inserting a crafted path.
Remediation
References
https://github.com/h00klod0er/ureport2-vuln/
Related Vulnerabilities
CVE-2020-28279 Vulnerability in npm package flattenizer
CVE-2022-25916 Vulnerability in npm package mt7688-wiscan
CVE-2020-7748 Vulnerability in npm package @tsed/core
CVE-2020-7684 Vulnerability in npm package rollup-plugin-serve
CVE-2020-28502 Vulnerability in maven package org.webjars.npm:xmlhttprequest-ssl