icingaweb2: Directory Traversal vulnerability (CVE-2020-24368)
Icinga Web2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2.
Fixed In Version:
Icingaweb v2.6.4, v2.7.4 and v2.8.2.
- master (2682613a)
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information