Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Go
Published: 2022-12-07T16:14:43.946Z
Updated: 2024-08-04T17:30:08.318Z
Reserved: 2022-07-29T18:52:35.508Z
Link: CVE-2020-36565
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-12-07T17:15:09.910
Modified: 2022-12-12T15:18:15.227
Link: CVE-2020-36565
Redhat
No data.