PT-2023-30242 · Apache · Apache Allura
Name of the Vulnerable Software and Affected Versions: Apache Allura versions 1.0.1 through 1.15.0 Description: The issue allows project administrators to import attachments with unrestricted URL values, potentially causing Apache Allura to read local files and expose them. This exposure can lead...