hugo is a website rendering tool that has plugins that can be configured we a config file.
Configuration files
hugo.toml
...
Hugo is very well designed and its virtual FS and other hardening features makes it quite safe in many cases, though if attacker can control hugo.toml it's still an issue, though we've seen cases in the wild where just *.md were exposed and through that vector we think there is no known "jailbreak" at the moment.
Description of the LOTP tool
hugo is a website rendering tool that has plugins that can be configured we a config file.
Configuration files
Hugo is very well designed and its virtual FS and other hardening features makes it quite safe in many cases, though if attacker can control hugo.toml it's still an issue, though we've seen cases in the wild where just
*.mdwere exposed and through that vector we think there is no known "jailbreak" at the moment.