An issue exists in rack-protection/lib/rack/protection/path_traversal.rb in Sinatra 2.x prior to 2.0.1 on Windows. Path traversal is possible via backslash characters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sinatrarb sinatra 2.0.0 |
||
sinatrarb sinatra 2.0.1 |