VYPR
Moderate severityNVD Advisory· Published Nov 29, 2021· Updated Aug 4, 2024

Path traversal in translator module of NobeBB

CVE-2021-43788

Description

Nodebb is an open source Node.js based forum software. Prior to v1.18.5, a path traversal vulnerability was present that allowed users to access JSON files outside of the expected languages/ directory. The vulnerability has been patched as of v1.18.5. Users are advised to upgrade as soon as possible.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
nodebbnpm
>= 1.0.4, < 1.18.51.18.5

Affected products

2

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.