Back to search
CVE-2019-17050
Published: Sep 30, 2019
Modified: Aug 5, 2024
PUBLISHED
Description
An issue was discovered in the Voyager package through 1.2.7 for Laravel. An attacker with admin privileges and Compass access can read or delete arbitrary files, such as the .env file. NOTE: a software maintainer has suggested a solution in which Compass is switched off in a production environment.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/the-control-group/voyager/issues/4322
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now