Name of the Vulnerable Software and Affected Versions yjmyjmyjm (affected versions not specified)

Description The issue allows a malicious actor to access files outside of the intended directory root, potentially resulting in the disclosure of private files on the vulnerable system. This is achieved through a directory traversal vulnerability, where relative file paths are resolved. For example, a malicious request can be made to access sensitive files, such as /../../../../../../../../../../etc/passwd, by sending a GET request to the vulnerable endpoint.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.