MidnightBSD

Advisories for aahframework

CVE-2020-36559

Due to improper sanitization of user input, HTTPEngine.Handle allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read.

Products Affected

Vendor Product Version
aahframework aah *