1 matches found
CVE-2022-39345
Gin-vue-admin pre-2.5.4 is vulnerable to a path-traversal/file-upload flaw. The Unzip routine decompresses uploaded zips without validating contents, enabling Zip Slip-style traversal to overwrite arbitrary files. Affected versions: