Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve both arbitrary file read and server-side request forgery through the absolute path traversal.CreditsPiotr Bazydlo (@chudyPB) of watchTowrReferenceshttps://www.hyland.com/en/solutions/products/alfresco-platformhttps://www.vulncheck.com/advisories/hyland-alfresco-transformation-service-absolute-path-traversal-arbitrary-file-read-and-ssrf