2020-12-27 19:07:12
mitre
PUBLISHED
GateOne 1.1 allows arbitrary file download without authentication via /downloads/.. directory traversal because os.path.join is misused.