CVE-2024-0341

Name of the Vulnerable Software and Affected Versions Inis versions up to 2.0.1

Description A problematic issue affects the processing of the file /app/api/controller/default/File.php in the GET Request Handler component. The manipulation of the path argument leads to path traversal, specifically '../filedir'. This issue has been publicly disclosed and may be exploited.

Recommendations For Inis versions up to 2.0.1, consider restricting access to the vulnerable File.php component until a patch is available. As a temporary workaround, avoid using the path argument in the affected GET Request Handler to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.