diff --git a/src/SSCMS.Web/Controllers/Admin/Cms/Templates/TemplatesAssetsEditorController.Get.cs b/src/SSCMS.Web/Controllers/Admin/Cms/Templates/TemplatesAssetsEditorController.Get.cs
index ba0b36d16befc53a26fc5842f7daa25e816a3cfd..4ed5c15a0a3e1ce7533db87aaed289cd1336fd1a 100644
--- a/src/SSCMS.Web/Controllers/Admin/Cms/Templates/TemplatesAssetsEditorController.Get.cs
+++ b/src/SSCMS.Web/Controllers/Admin/Cms/Templates/TemplatesAssetsEditorController.Get.cs
@@ -1,4 +1,4 @@
-using System.Threading.Tasks;
+using System.Threading.Tasks;
 using Microsoft.AspNetCore.Mvc;
 using SSCMS.Configuration;
 using SSCMS.Utils;
@@ -32,7 +32,9 @@ namespace SSCMS.Web.Controllers.Admin.Cms.Templates
 var path = string.Empty;
 var content = string.Empty;
- var directoryPath = request.DirectoryPath; // PathUtils.RemoveParentPath(request.DirectoryPath);
+ var directoryPath = request.DirectoryPath;
+ // PathUtils.RemoveParentPath(request.DirectoryPath);
+ //BUG高危漏洞:未判断读取文件夹是否为父文件夹,导致可返回应用程序根目录下中sscms.json文件。
 var fileName = PathUtils.RemoveParentPath(request.FileName);
 if (!string.IsNullOrEmpty(fileName))
@@ -41,7 +43,7 @@ namespace SSCMS.Web.Controllers.Admin.Cms.Templates
 if (FileUtils.IsFileExists(filePath))
 {
- content = await FileUtils.ReadTextAsync(filePath);
+ content = await FileUtils.ReadTextAsync(filePath); //BUG高危漏洞:读取文件时未判断文件后缀名,导致可查看到sscms.json文件中的key和数据库连接配置,请修改!!!
 }
 if (StringUtils.EqualsIgnoreCase(request.FileType, "html"))
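Review bot: The directory traversal that the added comment describes is still present on the new side of the second hunk: `var directoryPath = request.DirectoryPath;` takes the client-supplied directory unchanged, and the sanitizing call is left as a commented-out line directly beneath it. The fix is the call the comment itself names, applied the same way `fileName` already is two lines below: `var directoryPath = PathUtils.RemoveParentPath(request.DirectoryPath);`. Whether `RemoveParentPath` alone is sufficient depends on what it strips (only its use on `fileName` is visible here), so the combined path should additionally be resolved and checked to lie under the templates/assets root before any file is touched. The enclosing action starts before this hunk and continues past it, so the later `filePath` construction is not visible. Recording the finding as a `//BUG` marker instead of making the one-line change should be settled before merge.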
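Review bot: In the third hunk the read is still unconditional: `content = await FileUtils.ReadTextAsync(filePath);` runs for any file that exists, and the comment appended to it only records that no extension check is made. Gate the read on an allow-list of the asset types this editor is meant to serve, e.g. `if (FileUtils.IsFileExists(filePath) && IsEditableAssetExtension(filePath))`, where the helper compares `Path.GetExtension(filePath)` with `StringComparison.OrdinalIgnoreCase` against the permitted set (the `request.FileType` check on the following context line suggests html is one of them); `Path.GetExtension` needs `using System.IO;`, which is not among the usings visible in the first hunk. An extension check complements, rather than replaces, normalizing the directory input before `filePath` is built. The enclosing block starts and ends outside this hunk.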