


Perceptive Security
SOC/SIEM Consultancy

EspoCRM is an open source customer relationship management application. Prior to version 9.3.4, the admin template management endpoints accept attacker-controll…
Published: 21 April 2026 at 22:00:00
Alert date: 22 April 2026 at 22:11:22
Source: nvd.nist.gov
Web Technologies, Enterprise Applications
EspoCRM versions prior to 9.3.4 contain a path traversal vulnerability in the admin template management endpoints. An authenticated administrator can use '../' sequences in the 'name' and 'scope' parameters to escape the intended template directory, and so read, create, overwrite, or delete arbitrary files with a .tpl extension wherever the web application's filesystem permissions allow. The flaw lies in how the template path is constructed: the parameters are not normalized and traversal sequences are not filtered before they are joined onto the path. Version 9.3.4 addresses this security issue.
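The defect described above is a missing normalization and containment step when user-supplied identifiers are joined onto a template path. The following is an added illustration, not EspoCRM's code: it places a naive path builder of the kind the advisory describes next to a hardened resolver, and assumes a constructed template root and the function names shown (the real EspoCRM path layout is not given on this page).

```python
import posixpath
import re

# Constructed example values; EspoCRM's actual template directory is not on the page.
TEMPLATE_ROOT = "/var/www/app/custom/templates"

# Allowlist for template identifiers: letters, digits, underscore, hyphen.
# This rejects '/', '.', NUL bytes and therefore any '../' sequence outright.
SAFE_IDENT = re.compile(r"[A-Za-z0-9_-]+")


def naive_template_path(scope: str, name: str) -> str:
    """Unsafe pattern: identifiers are concatenated straight into the path,
    so '../' in either 'scope' or 'name' walks out of TEMPLATE_ROOT."""
    return posixpath.normpath(posixpath.join(TEMPLATE_ROOT, scope, f"{name}.tpl"))


def resolve_template_path(scope: str, name: str) -> str:
    """Hardened resolver: returns the .tpl path for (scope, name) or raises ValueError.

    Two independent controls are applied. The allowlist rejects any identifier
    that could carry traversal characters, and a containment check on the
    normalized result guards against a bypass of the first control.
    """
    for ident in (scope, name):
        if not SAFE_IDENT.fullmatch(ident):
            raise ValueError(f"rejected template identifier: {ident!r}")
    candidate = posixpath.normpath(posixpath.join(TEMPLATE_ROOT, scope, f"{name}.tpl"))
    # Containment: the normalized path must still lie under TEMPLATE_ROOT.
    if posixpath.commonpath([TEMPLATE_ROOT, candidate]) != TEMPLATE_ROOT:
        raise ValueError("template path escapes the template root")
    return candidate


def is_traversal_attempt(scope: str, name: str) -> bool:
    """Detection helper for request logging: True when the hardened resolver
    would reject the pair, i.e. the request is worth alerting on."""
    try:
        resolve_template_path(scope, name)
    except ValueError:
        return True
    return False
```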
Technical details
Mitigation steps: upgrade to EspoCRM 9.3.4, which addresses the issue.
Affected products: EspoCRM
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-33733
https://github.com/espocrm/espocrm/security/advisories/GHSA-44c3-xjfp-3jrh
This article was created with the assistance of AI technology by Perceptive.
