CVE-2016-1505

Name of the Vulnerable Software and Affected Versions Radicale versions prior to 1.1

Description The issue allows remote attackers to read or write to arbitrary files via a crafted path. For example, a crafted path like '/c:/file/ignore' can be used to access files on the system.

Recommendations For versions prior to 1.1, update to version 1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the filesystem storage backend to minimize the risk of exploitation.