LimeSurvey Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-9960)
Description
The downloadZip function in application/controllers/admin/export.php in LimeSurvey through 3.16.1+190225 allows a relative path.