Submit #593627: xataio Xata Agent < 0.3.1 Arbitrary File Read
| Title | xataio Xata Agent < 0.3.1 Arbitrary File Read |
|---|---|
| Description | Xdata Agent does not check the parameters passed during the processing of `/app/evals ` route, resulting in the arbitrary file reading. |
| Source | ⚠️ https:/ |
| User | Anonymous User |
| Submission | 06/10/2025 04:20 (10 months ago) |
| Moderation | 06/19/2025 09:05 (9 days later) |
| Status | Accepted |
| VulDB entry | 313287 [xataio Xata Agent up to 0.3.0 route.ts GET passed path traversal] |
| Points | 15 |