CVE-2020-23766

An arbitrary file deletion vulnerability was discovered on htmly v2.7.5 which allows remote attackers to use any absolute path to delete any file in the server should they gain Administrator privileges. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt