Site icon API Security Blog

Path Traversal

Victor Test

image
Erxes is vulnerable to Path Traversal. The vulnerability is due to improper input validation due to insufficient sanitization of file paths in the importHistoriesCreate GraphQL mutation handler, allowing authenticated attackers to write to arbitrary…Read More

Exit mobile version