Path traversal in translator module of NobeBB
CVE-2021-43788
5MEDIUM
What is CVE-2021-43788?
Nodebb is an open source Node.js based forum software. Prior to v1.18.5, a path traversal vulnerability was present that allowed users to access JSON files outside of the expected languages/ directory. The vulnerability has been patched as of v1.18.5. Users are advised to upgrade as soon as possible.
Affected Version(s)
NodeBB >= 1.0.4, < 1.18.5
