CVE-2016-1505
CVE-2016-1505 affects Radicale’s Windows filesystem storage backend prior to 1.1, allowing a remote attacker to read or write arbitrary files via a crafted path such as /c:/file/ignore. The root cause is a directory-traversal flaw in the storage backend that processes crafted paths, enabling acce...