This vulnerability is present in the current version

Copy the default style file in cms, and add theme.json and recompress it into a zip file

Where theme.json is as follows

{"themeName":"asdasd", "themeImage": "asdasdas", "themeAuthor":"asdasd", "themePath":"../../../../../../../../../../../../../../../"}

Upload and use this theme

Enter the template management to see the files in the root directory