qrcp through 0.8.4, in receive mode, allows ../ Directory Traversal via the file name specified by the uploader. Date published : 2022-02-28 https://github.com/