Filtered by vendor Rexians Subscriptions
Filtered by product Rex-web Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-31568 1 Rexians 1 Rex-web 2024-11-21 9.3 Critical
The Rexians/rex-web repository through 2022-06-05 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.