Product
Fireshare version 1.5.1 is vulnerable to an authenticated path traversal, allowing attackers to write arbitrary files outside the intended upload directory due to insufficient sanitization of the `checkSum` field in the chunked upload endpoint.