The Metaclassy Byword app 2.x before 2.1 for iOS does not require confirmation of Replace file actions, which allows remote attackers to overwrite arbitrary fil