CVE-2022-31501
The CVE-2022-31501 entry concerns the ChaoticOnyx/OnyxForum repository prior to 2022-05-04, where absolute path traversal is possible due to unsafe use of Flask’s send_file. Affected component: OnyxForum’s server-side file delivery (Flask). Root cause: improper handling in send_file usage enablin...