Arbitrary file read in ginadmin
High severity
GitHub Reviewed
Published
May 26, 2022
to the GitHub Advisory Database
•
Updated Jan 27, 2023
Description
Published by the National Vulnerability Database
May 25, 2022
Published to the GitHub Advisory Database
May 26, 2022
Reviewed
Jun 1, 2022
Last updated
Jan 27, 2023
In ginadmin through 05-10-2022, the incoming path value is not filtered, resulting in arbitrary file reading. A patch is available on the
master
branch of the repository.References