Submit #275053: rebuild rebuild <= 3.5.5 Unauthorized file readinfo

Title	rebuild rebuild <= 3.5.5 Unauthorized file read
Description	In the FileDownloader#proxyDownloadmethod, receives the parameter url, and calls QiniuCloud.getStorageFilemethod,and call writeLocalFile to echo result.So the attacker can read files of user directory .rebuild without login.
Source	⚠️ https://www.yuque.com/mailemonyeyongjuan/tha8tr/ouiw375l0m8mw5ls
User	lemono (ID 59906)
Submission	2024-01-30 04:21 (4 months ago)
Moderation	2024-01-31 08:02 (1 day later)
Status	Przyjęty
VulDB Entry	252455

Might our Artificial Intelligence support you?

Check our Alexa App!