GHSA-PWVP-H579-HFXG Total.js CMS Path Traversal
An issue was discovered in Total.js CMS 12.0.0. An authenticated user with the Pages privilege can conduct a path traversal attack ../ to include .html files that are outside the permitted directory. Also, if a page contains a template directive, then the directive will be server side processed...