-
Type: Bug
-
Status: Open
-
Priority: Major
-
Resolution: Unresolved
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: Web UI
-
Tags:
-
Sprint:UI - 2024-8
CVE-2022-24785 | CWE-22
Severity : High
moment is vulnerable to path traversal. An attacker is able to access files outside the expected directory especially when a user-provided locale string is directly used to switch moment locale.
Current Version : 2.23.0
Recommended Upgrade Version : 2.29.4 to 2.30.1