CVE-2021-43800

Name of the Vulnerable Software and Affected Versions: Wiki.js versions prior to 2.5.254

Description: The issue allows directory traversal outside of the Wiki.js context when a storage module with local asset cache fetching is enabled on a Windows host. A malicious user can potentially read any file on the file system by crafting a special URL that allows for directory traversal. This is only possible on a Wiki.js server running on Windows, when a storage module implementing local asset cache is enabled and no web application firewall solution strips potentially malicious URLs.

Recommendations: For versions prior to 2.5.254, update to version 2.5.254 or later, which includes a fix that sanitizes the path before it is passed on to the storage module, removing any Windows directory traversal sequences. As a temporary workaround, consider disabling any storage module with local asset caching capabilities, such as Local File System or Git, until the update is applied.