Branch: refs/heads/2.0.0
Home:
https://github.com/tribe29/checkmk
Commit: ff54358f779834bff8f3ab507b1451ccb14dace8
https://github.com/tribe29/checkmk/commit/ff54358f779834bff8f3ab507b1451ccb…
Author: Maximilian Wirtz <maximilian.wirtz(a)tribe29.com>
Date: 2021-08-18 (Wed, 18 Aug 2021)
Changed paths:
A .werks/13067
M cmk/gui/wato/pages/bulk_import.py
Log Message:
-----------
13067 SEC Fix path traversal vulnerability
An authenticated user was able to enumerate files ending with ".csv" on the
filesystem, accessible to the siteuser.
Change-Id: Ia02b039308e3a9e2f0625652885814d1fd33fb4f