rendertron is vulnerable to local file inclusion (LFI) attacks. The vulnerability exists due to the ability to include file:///
via alternative protocols which allows unauthenticated users to read local files.
CPE | Name | Operator | Version |
---|---|---|---|
rendertron | le | 1.1.1 |