PT-2022-26302 · Lavalite · Lavalite
Name of the Vulnerable Software and Affected Versions: Lavalite version 9.0.0 Description: The issue allows for path traversal attacks through the XSRF-TOKEN cookie, enabling read access to arbitrary files on the server. Recommendations: For Lavalite version 9.0.0, consider restricting access to...