Tracker »

Issue 2377 – Avoid replacing %2F with a slash and %2E with a dot in special cases on upload to avoid path traversal

: General
: Unspecified
: Bug
: Medium
: 0
: RESOLVED
: FIXED
: 6.5.2
Last modified: 2025-05-23 07:22
2025-05-21 14:36
https://winscp.net/forum/viewtopic.php?t=35364
Discovered by Aleksandr Zhurnakov (Positive Technologies).
2025-05-21 14:36
Fixed.
2025-05-23 07:22
Commit d39f87c8

Documentation

Support

Associations

Follow Us