2 matches found
CVE-2022-31583
The sravaniboinepelli/AutomatedQuizEval repository through 2020-04-27 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31583
The CVE-2022-31583 entry documents a path-traversal vulnerability in the sravaniboinepelli/AutomatedQuizEval repository (through 2020-04-27). The root cause is unsafe use of Flaskās send_file, which allows absolute path traversal and potential access to arbitrary files/directories on the file sys...