Branch: refs/heads/master
Home:
https://github.com/tribe29/checkmk
Commit: 31dfe9231eee816e308898ca4f8b844c38b2223f
https://github.com/tribe29/checkmk/commit/31dfe9231eee816e308898ca4f8b844c3…
Author: Maximilian Wirtz <maximilian.wirtz(a)tribe29.com>
Date: 2021-08-18 (Wed, 18 Aug 2021)
Changed paths:
A .werks/13067
M cmk/gui/wato/pages/bulk_import.py
Log Message:
-----------
13067 SEC Fix path traversal vulnerability
An authenticated user was able to enumerate files ending with ".csv" on the
filesystem, accessible to the siteuser.
Change-Id: Ia02b039308e3a9e2f0625652885814d1fd33fb4f