Tag
DumbAssets version 1.0.11 is vulnerable to a path traversal vulnerability in the POST /api/delete-file endpoint, allowing unauthenticated attackers to delete arbitrary files, including critical files like server.js or package.json, resulting in denial of service.