#25 File names can overwrite other resources

Отворено

отворено пре 5 година од sindre · 0 коментара

When uploading a file it can overwrite other files, even those ondifferent levels due to lack of input validation. This is differentfrom uploading, as even without checking for file name, itshould be checked that it won’t overwrite another file.

sindre added this to the Required fixes milestone пре 5 година

sindre added the

webpy

label пре 5 година

sindre added the

bug

label пре 5 година

sindre added the

security misconfiguration

label пре 5 година

sindre modified the milestone from Required fixes to Optional vulnerabilities пре 5 година

Пријавите се да се прикључе у овом разговору.

bug

security misconfiguration

webpy

Optional vulnerabilities

No Assignees

1 учесника

Due Date

No due date set.

Dependencies

This issue currently doesn't have any dependencies.