GHSA-J5C3-R84F-9596 Arbitrary File Read in Admin JS CSS files
Impact It was observed that the /admin/misc/script-proxy API endpoint accessible by an authenticated administrator user and is vulnerable arbitrary JavaScript, CSS file read via the "scriptPath" and "scripts" parameters. The "scriptPath" parameter is not sanitized properly and is vulnerable to pa...