2018-12-17 06:00:00
mitre
PUBLISHED
Rendertron 1.0.0 allows for alternative protocols such as file:// introducing a Local File Inclusion (LFI) bug where arbitrary files can be read by a remote attacker.