CVE-2023-28330
Description
Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default.
NVD
Severity: MEDIUM
CVE ID: CVE-2023-28330
CVSS Score: 6.5
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Proof Of Concept
cli-ish
Refrence: GitHub