Italiano
English
Summary:
This affects all versions of package browserless-chrome. User input flowing from the workspace endpoint gets used to create a file path filePath and this is fetched and then sent back to a user. This can be escaped to fetch arbitrary files from a server.
Published:
Monday, November 2, 2020 - 22:15
cvss:
5.0