Published: 04 April 2017
In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out.
CVSS 3 base score: 7.3
This issue was reported to us by Beyond Security but they did not discover the issue. The discoverer is unknown.