5 matches found
CVE-2026-25062
Outline is a service that allows for collaborative documentation. Prior to 1.4.0, during the JSON import process, the value of attachments.key from the imported JSON is passed directly to path.joinrootPath, node.key and then read using fs.readFile without validation. By embedding path traversal...
CVE-2026-25062
Outline (the Outline service) prior to version 1.4.0 is vulnerable via JSON import where attachments[].key is passed to path.join(rootPath, node.key) and then read with fs.readFile without validation, enabling path traversal (e.g., ../ or absolute paths) to read arbitrary server files and import ...
CVE-2026-25062 Outline Affected an Arbitrary File Read via Path Traversal in JSON Import
Outline is a service that allows for collaborative documentation. Prior to 1.4.0, during the JSON import process, the value of attachments.key from the imported JSON is passed directly to path.joinrootPath, node.key and then read using fs.readFile without validation. By embedding path traversal...
PT-2026-7663
Outline is a service that allows for collaborative documentation. Prior to 1.4.0, during the JSON import process, the value of attachments.key from the imported JSON is passed directly to path.joinrootPath, node.key and then read using fs.readFile without validation. By embedding path traversal...
Outline 路径遍历漏洞
Outline is an open-source knowledge base developed by Outline. Versions prior to Outline 1.4.0 contained a path traversal vulnerability. This vulnerability stemmed from insufficient validation of the attachments.key value during the JSON import process, which could allow attackers to read arbitra...