Agentejo Cockpit performs actions on files without appropriate validation and therefore allows an attacker to traverse the file system to unintended locations and/or access arbitrary files, aka /media/api Directory Traversal.Referenceshttp://seclists.org/fulldisclosure/2018/Oct/30
