Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Linkwarden Local File Inclusion Vulnerability
Vulnerability Description
Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. In version 2.10.2, the server accepts links of format file:///etc/passwd and doesn't do any validation before sending them to parsers and playwright, this can result in leak of other user's links (and in some cases it might be possible to leak environment secrets). This issue has been patched in version 2.10.3 which has not been made public at time of publication.
CVSS Information
N/A
Vulnerability Type
文件名或路径的外部可控制
Vulnerability Title
Linkwarden 安全漏洞
Vulnerability Description
Linkwarden是Linkwarden开源的一个自托管协作书签管理器。 Linkwarden 2.10.2版本存在安全漏洞,该漏洞源于未验证file://链接,可能导致数据泄露。
CVSS Information
N/A
Vulnerability Type
N/A