libre-chat icon indicating copy to clipboard operation
libre-chat copied to clipboard
verified publisher icon vemonet

Fix Path Traversal issue

Open jxfzzzt opened this issue 1 year ago • 0 comments

Hello, i find a issue in src/libre_chat/router.py, there may be a path Traversal vulnerability in method upload_documents. if the filename of a uploaded in files be /../../../../../../../test.txt (e.g., modified by Burp), it may lead to a vulnerability that allows arbitrary file writes.

jxfzzzt avatar Jul 28 '24 09:07 jxfzzzt