CVE-2023-27755
CVE-2023-27755 (go-bbs v1) is an arbitrary file download vulnerability in the /api/v1/download component. The connection between the affected code path and unauthorized file access is stated across multiple sources, with the root issue described as an arbitrary file download via the download endp...