CVE-2022-2653 Information

Description

With this vulnerability an attacker can read many sensitive files like configuration files or the /proc/self/environ file that contains the environment variable used by the web server that includes database credentials. If the web server user is root an attacker will be able to read any file in the system.

Reference

https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418 https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70