evoting is an e-voting application open sourced by Idayrus Studio in Indonesia. evoting versions prior to 2022-05-08 contain a path traversal vulnerability that stems from a failure of the Flask send_file function to properly filter special elements in a resource or file path, which could be exploited by an attacker to access arbitrary files and directories stored on the file system.