1 results (0.001 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37896 – Nuclei Path Traversal vulnerability
https://notcve.org/view.php?id=CVE-2023-37896
Nuclei is a vulnerability scanner. Prior to version 2.9.9, a security issue in the Nuclei project affected users utilizing Nuclei as Go code (SDK) running custom templates. This issue did not affect CLI users. The problem was related to sanitization issues with payload loading in sandbox mode. There was a potential risk with payloads loading in sandbox mode. • https://github.com/projectdiscovery/nuclei/pull/3927 https://github.com/projectdiscovery/nuclei/releases/tag/v2.9.9 https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-2xx4-jj5v-6mff • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •