A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted POST request to the /read-examples endpoint.
"https://github.com/pypa/advisory-database/blob/main/vulns/agentscope/PYSEC-2025-83.yaml"