CVE-2021-29024
CVE-2021-29024 affects InvoicePlane 1.5.11, where a misconfigured web server enables unauthenticated directory listing and file download, effectively allowing directory traversal to private files. The root cause is misconfiguration that permits access to sensitive directories/files without authen...