pretalx is vulnerable to Path Traversal. The vulnerability exists in export_schedule_html.py
which allows an attacker to read arbitrary files by uploading crafted html documents.
github.com/advisories/GHSA-wh3w-jcc7-mhmf
github.com/pretalx/pretalx/commit/1f58cdd6b200db2418991928936e4dfcdd3d882e
github.com/pretalx/pretalx/commit/60722c43cf975f319e94102e6bff320723776890
github.com/pretalx/pretalx/releases/tag/v2.3.2
pretalx.com/p/news/security-release-232/
www.sonarsource.com/blog/pretalx-vulnerabilities-how-to-get-accepted-at-every-conference/