alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows archive contents to be written to arbitrary locations on the filesystem due to insufficient validation of extraction paths.
GHSA-q5hg-wppq-r2cc: alexusmai laravel-file-manager is vulnerable to Directory Traversal via the unzip/extraction functionality
alexusmai laravel-file-manager versions 3.3.1 and below suffer from a Directory Traversal vulnerability via unzip/extraction functionality.