ZIP Slip makes the application vulnerable to Path traversal attack and Sensitive data exposure.
1 Answer, 1 is accepted
answered on 16 Jun 2021, 01:45 PM
The Upload component does not support built-in security checks. What I can suggest in this situation is a using a third-party library to validate the selected files. The Upload component triggers a SelectEvent whenever a file is being selected. This event could be utilised to access and process the selected files (including the underlying raw file) on the client side.
I hope this information helps. Let me know if I could provide further assistance regarding the case.
Virtual Classroom, the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products quickly just got a fresh new look + new and improved content including a brand new Blazor course! Check it out at https://learn.telerik.com/.