Path Traversal vulnerability in module m-server <1.4.1 allows malicious user to access unauthorized content of any file in the directory tree e.g. /etc/passwd by appending slashes to the URL request.
[
{
"product": "m-server",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "<1.4.1"
}
]
}
]