CVE-2025-53908
Caution
This release fixes a critical authenticated path traversal vulnerability in an API endpoint that could allow unauthorized access to system files. All previous versions are affected. All users should update immediately to this patch version.
GHSA-fx9g-xw4j-jwc3
What's Changed
- Added proper input validation and sanitization to prevent directory traversal attacks by @gantoine in #2086
Full Changelog: 3.10.2...3.10.3