Snippets Groups Projects

This is an archived project. Repository and other project resources are read-only.

Commit 0152c43a authored 3 years ago by Serge Bazanski Committed by stuebinm 3 years ago

SECURITY: Fix path traversal in script verification

The following used to be allowed:

scripts: https://static.rc3.world/scripts/../maps/81c8add623eea2704f20/e65b545e-342f-4be0-b369-c0eacff7b15d/re-blessed.mp3.js

This is obviously not good, as it allows scripts from arbitrary maps.

parent 89a4aa1e

No related branches found

No related tags found

No related merge requests found

Pipeline #12891 passed 3 years ago

Hide whitespace changes

Inline Side-by-side

Showing with 3 additions and 2 deletions

Please register or to comment

Impressum - Datenschutzerklärung