Description
Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it.
Remediation
References
Related Vulnerabilities
WordPress Plugin HTML5 jQuery Audio Player Multiple Cross-Site Scripting Vulnerabilities (2.3)
MySQL CVE-2019-2819 Vulnerability (CVE-2019-2819)
WordPress 2.0.5 Charset Decoding SQL Injection Vulnerability (0.6.2 - 2.0.5)
WordPress Plugin Advanced Text Widget 'page' Parameter Cross-Site Scripting (2.0.0)
PHP Release of Invalid Pointer or Reference Vulnerability (CVE-2022-31625)