The vulnerability exists within runscript.php applet in Schneider Electric U.motion Builder software versions prior to v1.3.4. There is a directory traversal vulnerability in the processing of the 's' parameter of the applet.Referenceshttps://www.schneider-electric.com/en/download/document/SEVD-2018-095-01/
