exposure of sensitive system files/directories #540
Description
In KodExplorer version 4.52 (and 4.52.01), the demo user (default guest account with credentials demo/demo) can access and list the server's physical root directory (e.g., C:\ on Windows/XAMPP or / on Linux) through the explorer/pathList endpoint.