CVE-2015-0933 Information

Description

Absolute path traversal vulnerability in ShareLaTeX 0.1.3 and earlier when the paranoid openin_any setting is omitted allows remote authenticated users to read arbitrary files via a \include command.

Reference

http://www.kb.cert.org/vuls/id/302668