CVE-2022-31552

The project-anuvaad/anuvaad-corpus repository through 2020-11-23 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

anuvaad-corpus 路径遍历漏洞

anuvaad-corpus is a Sunbird-AI open source anuvaad translation system. anuvaad-corpus 2020-11-23 and earlier versions have a path traversal vulnerability that stems from a failure of Flask's sendfile function to properly filter special elements in a resource or file path, which could be exploited...