CVE-2020-27993
CVE-2020-27993 affects Hrsale 2.0.0. The vulnerability is a directory traversal caused by improper handling of the filename parameter (type=files&filename=../), enabling reading arbitrary files on the server. Root cause: inadequate input sanitization/validation of the filename. Impact: potential ...