CVE-2022-27620

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology SSO Server before 2.2.3-0331 allows remote authenticated users to read arbitrary files via unspecified vectors. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt