[MEDIUM] Craft CMS has a Path Traversal Vulnerability in AssetsController

PKSA-y7v4-m2bd-8h2y CVE-2026-32262 GHSA-472v-j2g4-g9h2

Affected package: craftcms/cms

Affected version: >=5.0.0-RC1,<=5.9.10|>=4.0.0-RC1,<=4.17.4

Reported by:
GitHub