Host the project locally.
For example if address is http://127.0.0.1:8088 ==> visit http://127.0.0.1:8088/system/config/permissions.yaml
http://127.0.0.1:8088/system/config/permissions.yaml ==> you will get the content of permissions.yaml file.
Successful exploitation could allow an attacker to traverse the file system to access files or directories that are outside of restricted directory on the remote server. This could lead to the disclosure of sensitive data on the vulnerable server.