Non properly sanitized input allows attackers to gain access to arbitrary files.
A vulnerability has been reported allowing an attacker to read arbitrary files on a system. Specially crafted url strings can be used to access unintended files via an escaped slash character %2e