CVE-2023-38337
CVE-2023-38337
rswag before 2.10.1 allows remote attackers to read arbitrary JSON and YAML files via directory traversal, because rswag-api can expose a file that is not the OpenAPI (or Swagger) specification file of a project.
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →