EspoCRM is an open source customer relationship management application. Prior to version 9.3.4, the admin template management endpoints accept attacker-controll…

EspoCRM versions prior to 9.3.4 contain a path traversal vulnerability in admin template management endpoints. Authenticated administrators can exploit this flaw by using '../' sequences in 'name' and 'scope' parameters to escape the intended template directory. This allows attackers to read, create, overwrite, or delete arbitrary files with .tpl extensions within the web application's filesystem permissions. The vulnerability affects template path construction due to lack of proper normalization or traversal filtering. Version 9.3.4 addresses this security issue.