2017-11-10 09:00:00
mitre
PUBLISHED
Sanic before 0.5.1 allows reading arbitrary files with directory traversal, as demonstrated by the /static/..%2f substring.