From ac238c65a09abd138dd5295685e2b3c5484b3df9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20B=C3=B6hmer?=
Date: Wed, 25 Sep 2019 16:49:44 +0200
Subject: [PATCH] Remove .. from attachments pathes, to prevent leaking of internal files.
---
 src/Services/AttachmentHelper.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/Services/AttachmentHelper.php b/src/Services/AttachmentHelper.php
index 95221ff9..7e74fe6f 100644
--- a/src/Services/AttachmentHelper.php
+++ b/src/Services/AttachmentHelper.php
@@ -120,8 +120,8 @@ class AttachmentHelper
 //Older path entries are given via %BASE% which was the project root
 $placeholder_path = str_replace($placeholders, $targets, $placeholder_path);
- //Normalize path
- $placeholder_path = str_replace('\\', '/', $placeholder_path);
+ //Normalize path and remove ..
+ $placeholder_path = str_replace(['\\','..'], ['/',''], $placeholder_path);
 return $placeholder_path;
 }
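Review bot: Stripping every `..` substring on the new `str_replace(['\\','..'], ['/',''], $placeholder_path)` line silently rewrites the stored path instead of refusing it, so a legitimate name such as `report..final.pdf` (constructed example) now resolves to a different file name, and a tampered entry is quietly mapped to some other path rather than rejected. Consider keeping only the backslash normalization and failing when a whole segment equals `..`, e.g. `if (in_array('..', explode('/', $placeholder_path), true)) { /* return the failure value callers expect */ }`. The filter also does not address absolute paths or symlinks. The method begins outside the hunk, so it cannot be confirmed here whether the result is later confined to the attachment directories; if it is not, a resolved-path prefix check (`realpath()` against the allowed base directories) belongs where the file is actually opened. A comment stating why `..` is removed (`//Prevent path traversal out of the attachment folders`) would also help the next reader.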