Hello, i find a issue in src/libre_chat/router.py, there may be a path Traversal vulnerability in method upload_documents.
if the filename of a uploaded in files be /../../../../../../../test.txt (e.g., modified by Burp), it may lead to a vulnerability that allows arbitrary file writes.
Hello, i find a issue in
src/libre_chat/router.py
, there may be a path Traversal vulnerability in methodupload_documents
. if the filename of auploaded
infiles
be/../../../../../../../test.txt
(e.g., modified by Burp), it may lead to a vulnerability that allows arbitrary file writes.