File Access Bypass
Discription
graphql-mesh/cli and graphql-mesh/http are vulnerable to File Access Bypass. The vulnerability is due to the `staticFiles` parameter in the configuration file being set to `serve`, which allows an attacker to access files in the server’s file system by relative paths.Read More
References
Back to Main