CVE-2023-50264 | morpheus65535 bazarr up to 1.3.0 /system/backup/download/ send_file filename path traversal (GHSL-2023-192)

CVE-2023-50264 | morpheus65535 bazarr up to 1.3.0 /system/backup/download/ send_file filename path traversal (GHSL-2023-192)

A vulnerability classified as critical was found in morpheus65535 bazarr up to 1.3.0. This vulnerability affects the function send_file of the file /system/backup/download/. The manipulation of the argument filename leads to path traversal. This vulnerability was named CVE-2023-50264. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.