CVE-2020-27467

A Directory Traversal vulnerability exits in Processwire CMS before 2.7.1 via the download parameter to index.php.