CVE-2023-46864 | Peppermint Ticket Management up to 0.2.4 POST Request download filepath path traversal (Issue 171 / EUVD-2023-51030)
A vulnerability has been found in Peppermint Ticket Management up to 0.2.4 and classified as problematic. Affected by this issue is some unknown functionality of the file /api/v1/ticket/1/file/download of the component POST Request Handler. The manipulation of the argument filepath leads to relative path traversal.
This vulnerability is uniquely identified as CVE-2023-46864. The attack is possible to be carried out remotely. No exploit exists.