This affects all versions of package github.com/kataras/iris; all versions of package github.com/kataras/iris/v12. The unsafe handling of file names during upload using UploadFormFiles method may enable malicious users to write to arbitrary locations outside the designated target folder.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
iris-go iris |
||
iris-go iris 12.2.0 |