Spatie · Spatie/Browsershot · CVE-2024-21547
**Name of the Vulnerable Software and Affected Versions**
spatie/browsershot versions prior to 5.0.2
**Description**
The issue is related to Directory Traversal due to URI normalization in the browser. An attacker could bypass the file:// check with file:, allowing access to server files by exploiting the normalization of into /.
**Recommendations**
For versions prior to 5.0.2, update to version 5.0.2 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files on the server until the update is applied.