Path Traversal in Sonatype IQ Server from version 143 allows remote authenticated malicious users to overwrite or delete files via a specially crafted request. Version 171 fixes this issue.