The vulnerability in Sigil, the EPUB e-book editor, lies in the improper limitation of a pathname to a restricted directory. This allows attackers to write arbitrary files into any directory they choose.
The vulnerability in the Sigil EPUB e-book editing software exists due to an improper restriction of a pathname to a restricted directory. Exploiting this vulnerability allows a malicious actor to write arbitrary files to any directory...
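A defender-side check for the flaw described above, as an added example that is not Sigil's code. It assumes the untrusted path is a member name inside the EPUB's ZIP container (the page does not say where the path comes from); the function names and the sample archive are constructed for illustration.

```python
import io
import zipfile


def unsafe_reason(name):
    """Return why a member name could leave the extraction directory, or None."""
    # Treat backslashes as separators too, as an extractor on Windows would.
    norm = name.replace("\\", "/")
    if norm.startswith("/"):
        return "absolute path"
    # Conservative: any "X:" prefix is treated as a Windows drive letter.
    if len(norm) >= 2 and norm[1] == ":" and norm[0].isalpha():
        return "drive-letter path"
    depth = 0  # how many directories below the extraction root we are
    for part in norm.split("/"):
        if part in ("", "."):
            continue
        if part == "..":
            depth -= 1
            if depth < 0:  # climbed above the extraction root
                return "escapes via '..'"
        else:
            depth += 1
    return None


def audit_epub(data):
    """Return [(member_name, reason)] for members that must not be extracted."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            reason = unsafe_reason(info.filename)
            if reason:
                findings.append((info.filename, reason))
    return findings


def build_sample():
    """Constructed sample container for the check (not a file from the page)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("mimetype", "application/epub+zip")
        zf.writestr("OEBPS/Text/ch1.xhtml", "<html/>")
        zf.writestr("OEBPS/Text/../Styles/main.css", "")  # '..' but stays inside
        zf.writestr("OEBPS/../../outside.txt", "")        # climbs above the root
        zf.writestr("/abs/outside.txt", "")               # absolute path
    return buf.getvalue()
```

Running `audit_epub` on a file before opening it in an editor, or applying `unsafe_reason` inside an extractor before each write, rejects members that would land outside the intended directory.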