Name of the Vulnerable Software and Affected Versions GoLismero versions prior to Git revision 2b3bb43d6867

Description The issue allows local users to overwrite arbitrary files via a symlink attack on GoLismero-controlled files. This can be demonstrated using the Admin/changes.dat file.

Recommendations For GoLismero versions prior to Git revision 2b3bb43d6867, consider updating to a version that includes the fix for this issue, specifically Git revision 2b3bb43d6867 or later. As a temporary workaround, restrict access to the libs/updater.py file to minimize the risk of exploitation. Avoid using the Admin/changes.dat file in a way that could be exploited by the vulnerability until the issue is resolved.