Chengkang Sun

**Name of the Vulnerable Software and Affected Versions** Game extension engine versions 1.2.7.0 and earlier **Description** The game extension engine exposes some components, allowing attackers to construct parameters for path traversal attacks. These attacks can overwrite local specific files. **Recommendations** For versions 1.2.7.0 and earlier, consider disabling the vulnerable components until a patch is available. Restrict access to sensitive files and directories to minimize the risk of exploitation. Avoid using parameters that can be used for path traversal attacks in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.