Description
index.js in Total.js Platform before 3.2.3 allows path traversal.
Remediation
References
https://blog.certimetergroup.com/it/articolo/security/total.js-directory-traversal-cve-2019-8903
https://github.com/totaljs/framework/commit/c37cafbf3e379a98db71c1125533d1e8d5b5aef7
https://github.com/totaljs/framework/commit/de16238d13848149f5d1dae51f54e397a525932b
Related Vulnerabilities
CVE-2022-25204 Vulnerability in maven package by.dev.madhead.doktor:doktor
CVE-2022-24196 Vulnerability in maven package com.itextpdf:itext7-core
CVE-2022-25171 Vulnerability in npm package p4
CVE-2023-50722 Vulnerability in maven package org.xwiki.platform:xwiki-platform-administration-ui
CVE-2021-27515 Vulnerability in maven package org.webjars.bowergithub.unshiftio:url-parse