Description
Path Traversal vulnerability in module m-server <1.4.1 allows malicious user to access unauthorized content of any file in the directory tree e.g. /etc/passwd by appending slashes to the URL request.
Remediation
References
https://hackerone.com/reports/319795
Related Vulnerabilities
CVE-2020-8244 Vulnerability in maven package org.webjars.npm:bl
CVE-2021-39133 Vulnerability in maven package org.rundeck:rundeck
CVE-2020-8203 Vulnerability in maven package org.webjars.bowergithub.lodash:lodash
CVE-2011-3190 Vulnerability in maven package org.apache.tomcat:coyote
CVE-2020-26939 Vulnerability in maven package org.bouncycastle:bcprov-ext-jdk15on