CVE-2022-31588

CVE-2022-31588 describes an absolute path traversal flaw in the zippies/testplatform repository (pre-2016-07-19) caused by unsafe use of Flask’s send_file function. The vulnerability arises from how file paths are handled, enabling an attacker to access arbitrary files on the server. Public refer...