A critical directory traversal vulnerability has been discovered in Performave Convoy's LocaleController component, enabling unauthenticated remote attackers to execute arbitrary…