Product
A path traversal vulnerability (Zip Slip) exists in the gramps-webapi media archive import feature, allowing authenticated users with owner privileges to write arbitrary files outside the intended temporary extraction directory via malicious ZIP files, potentially leading to data corruption or replacement.