CVE-2016-7135
CVE-2016-7135: Directory traversal in Plone CMS (versions 5.x up to 5.0.6 and 4.2.x up to 4.3.11) allows remote administrators to read arbitrary files via a .. in the path parameter of a getFile action to Plone/++theme++barceloneta/@@plone.resourceeditor.filemanager-actions. Root cause is unsanit...