7224fbcc89
- Files within the storage/ path could be accessed via path traversal references in content, accessed upon HTML export. - This addresses this via two layers: - Scoped local flysystem filesystems down to the specific image & file folders since flysystem has built-in checking against the escaping of the root folder. - Added path normalization before enforcement of uploads/{images,file} prefix to prevent traversal at a path level. Thanks to @Haxatron via huntr.dev for discovery and reporting. Ref: https://huntr.dev/bounties/ac268a17-72b5-446f-a09a-9945ef58607a/ |
||
---|---|---|
.. | ||
api.php | ||
app.php | ||
auth.php | ||
broadcasting.php | ||
cache.php | ||
database.php | ||
debugbar.php | ||
dompdf.php | ||
filesystems.php | ||
hashing.php | ||
logging.php | ||
mail.php | ||
queue.php | ||
saml2.php | ||
services.php | ||
session.php | ||
setting-defaults.php | ||
snappy.php | ||
view.php |