/CVE-2023-2825-Gitlab

the proof of concept written in Python for an unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups. This is a critical severity issue

Primary LanguagePython

Watchers