ID: 10462
Title: WATO backups: Fix file path traversal vulnerability
Component: WATO
Level: 1
Class: Security fix
Version: 1.7.0i1
The backup target directory was not validated correctly which made it possible
for an attacker that has access to WATO backups to compromise the site.
Using this vulnerability it was possible to write backup files to directories
that are writable by the site user.