Slack: [Android] Directory traversal leading to disclosure of auth tokens

Files uploaded to and opened in Slack with specially-crafted names could cause the Android operating system to overwrite configuration files on customer devices, potentially exposing Slack data to attacker-controlled websites. In order to take advantage of this vulnerability, attackers needed to ...