CVE-2023-27755

go-bbs v1 was discovered to contain an arbitrary file download vulnerability via the component /api/v1/download.