Directory traversal in RStudio Shiny Server before 1.5.16 allows attackers to read the application source code, involving an encoded slash.
Published April 2, 2021.
Rstudio Shiny Server