关键信息 漏洞类型: Local File Inclusion 受影响版本: <= 93.0.0 优先级: High priority 风险: This vulnerability is highly dangerous and expected to become mass exploited. 描述: - A malicious actor could include local files of the target website and show its output on the screen. - Files which store credentials, such as database credentials, could potentially allow complete database takeover depending on the configuration. 解决方案: - Automatically mitigate vulnerabilities and keep your websites safe. - Patchstack has issued a virtual patch to mitigate this issue by blocking any attacks until an official fix becomes available. 时间线: - Reported by Frank to Patchstack: 12 June 2023 - Early warning sent out to Patchstack customers: 12 June 2023 - Published by Patchstack: 14 June 2023