The vulnerability exists within css.inc.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The 'css' parameter contains a directory traversal vulnerability.Referenceshttps://www.schneider-electric.com/en/download/document/SEVD-2018-095-01/
