GHSA-43F3-H63W-P6F6 Saltcorn Server allows logged-in users to delete arbitrary files because of a path traversal vulnerability
Summary A logged-in user with any role can delete arbitrary files on the filesystem by calling the sync/cleansyncdir endpoint. The dirname POST parameter is not validated/sanitized and is used to construct the syncDir that is deleted by calling fs.rm. Details - file:...