1 matches found
Arbitrary File Overwrite
ai.h2o, h2o-core is vulnerable to Arbitrary File Overwrite. The vulnerability is due to a lack of export location restrictions in the model export endpoint, allowing an attacker to overwrite arbitrary files on the server...