Due to improper input sanitization, a maliciously constructed filename could cause a file download to use an attacker controlled filename, as well as injecting additional headers into an HTTP response.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/gofiber/fiber | lt | 1.12.6 |