CVE-2021-40978 mkdocs built-in dev-server directory traversal exploitation Mkdocs 122 allows directory traversal through the built-in dev-server which responds on port 8000 There is below some examples of successfully exploited paths: Impact Using this tecnique it is possible to fetch files outside of the root directory, allowing anyone to read and download arbitrary files