CVE-2019-13915
CVE-2019-13915 : In b3log Wide, prior to version 1.6.0, three attack types enable arbitrary file read/write. 1) An attacker can insert and run code in the editor about three times to read an arbitrary file. 2) An attacker can create a symlink and place it in a ZIP archive; an unzip operation gran...