Vulnerabilities (CVE)

Filtered by vendor Rexians Subscribe
Filtered by product Rex-web
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-31568 1 Rexians 1 Rex-web 2024-02-28 6.4 MEDIUM 9.3 CRITICAL
The Rexians/rex-web repository through 2022-06-05 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.