PT-2018-16158 · Stattic · Stattic

Bl4De +1 · Published 2018-05-29 · Updated 2023-01-30 · CVE-2018-3734

CVSS v3.1: 7.5 High
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions
stattic versions prior to 0.3.0

Description
stattic does not validate the requested path, which results in a Path Traversal vulnerability: a malicious user can read the content of any file whose path is known. A remote attacker can exploit this to read arbitrary files, with any extension, from a server that uses stattic.

Recommendations
Update to version 0.3.0 or later. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.
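
The missing path validation described above, as an added example in Node.js (stattic is a Node.js module); this is not stattic's code and not part of the advisory. It sets an unchecked join beside a containment check. The root directory, all function names and the sample request paths are constructed for illustration.

```javascript
'use strict';
const path = require('path');

// Constructed document root for the demo; not a stattic default.
const ROOT = path.resolve('/srv/www/public');

// True when `target` is `root` itself or lies beneath it.
function isInside(root, target) {
  const rel = path.relative(root, target);
  return rel !== '..' && !rel.startsWith('..' + path.sep) && !path.isAbsolute(rel);
}

// Pattern the advisory describes: the request path reaches the filesystem unvalidated.
function resolveUnchecked(root, urlPath) {
  return path.join(root, decodeURIComponent(urlPath));
}

// Hardened: decode once, reject NUL and bad encoding, resolve, then check containment.
function resolveContained(root, urlPath) {
  let decoded;
  try {
    decoded = decodeURIComponent(urlPath.split('?')[0]);
  } catch (err) {
    return null; // malformed percent-encoding
  }
  if (decoded.includes('\0')) return null;
  const target = path.resolve(root, '.' + path.sep + decoded);
  // A plain target.startsWith(root) test would accept /srv/www/public-old.
  return isInside(root, target) ? target : null;
}

// Constructed request paths, used only to exercise the check.
const SAMPLES = ['/css/site.css', '/../../etc/hostname', '/%2e%2e/public-old/a.txt', '/%E0%A4%A'];

// For each sample: does the unchecked join leave the root, and what does the check return?
function audit(root, samples) {
  return samples.map((p) => {
    let unchecked;
    try { unchecked = resolveUnchecked(root, p); } catch (err) { unchecked = null; }
    return { request: p, uncheckedEscapes: unchecked !== null && !isInside(root, unchecked),
             contained: resolveContained(root, p) };
  });
}

console.table(audit(ROOT, SAMPLES));
```

The containment check is lexical and does not follow symlinks; where the served directory can contain links, compare `fs.realpath` results for the root and the target as well.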

Exploit

Fix

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2018-3734
GHSA-W4PV-W56C-MG4V

Affected Products

Stattic