CVE-2022-1850

Name of the Vulnerable Software and Affected Versions filegator/filegator versions prior to 7.8.0

Description The issue is related to Path Traversal in the filegator/filegator GitHub repository. It affects non-admin users, where files created with .. as part of their name are interpreted as a path, allowing users to add filesystem entries outside their scope to their dashboard and modify those files.

Recommendations For versions prior to 7.8.0, update to version 7.8.0 or later to resolve the issue. As a temporary workaround, consider restricting the ability to create files with .. in their name to prevent path traversal exploitation.