CVE-2025-44177
Summary (concrete details from connected docs): White Star Software Protop (version 4.4.2-2024-11-27) is vulnerable to a directory traversal in the /pt3upd/ endpoint. An unauthenticated attacker can read arbitrary files on the OS by using encoded traversal sequences (e.g., URL-encoded payloads). ...