CVE-2022-39023

U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to download arbitrary system file. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt