EPSS
Percentile
50.1%
Due to improper sanitization of user input, HTTPEngine.Handle allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read.
github.com/go-aah/aah/commit/881dc9f71d1f7a4e8a9a39df9c5c081d3a2da1ec
github.com/go-aah/aah/issues/266
github.com/go-aah/aah/pull/267