Critical LFI Vulnerability Reported in Hashnode Blogging Platform

Researchers have disclosed a previously undocumented local file inclusion (LFI) vulnerability in Hashnode, a developer-oriented blogging platform, that could be abused to access sensitive data such as SSH keys, server's IP address, and other network information. "The LFI originates in a Bulk Markdown Import feature that can be manipulated to provide attackers with unimpeded ability to download
https://thehackernews.com/2022/04/critical-lfi-vulnerability-reported-in.html?utm_source=dlvr.it&utm_medium=blogger