A vulnerability was found in Rebuild up to 3.5.5 and classified as problematic. This issue affects the function
QiniuCloud.getStorageFile
of the file /filex/proxy-download. The manipulation of the argument url leads to information disclosure.
The identification of this vulnerability is CVE-2024-1098. The attack needs to be approached within the local network. Furthermore, there is an exploit available.