1 matches found
Directory Traversal
FileDownloader is vulnerable to directory traversal. Failing to check filename in util/FileDownloadUtils.java allows the attacker to trigger the attack by sending a file attachment's name with ../...