Directory traversal vulnerability in Thomson Reuters for FATCA prior to 5.2 allows remote malicious users to execute arbitrary files via the item parameter.
thomsonreuters fatca