An incorrect access control issue in the component FileManager of Ovidentia CMS 6.0 allows authenticated attackers to to view and download content in the upload directory via path traversal.Referenceshttps://gitlab.com/albadotpy/ovidentia-information-disclosure-on-upload-directory-content