Public CVE-2018-20131 disclosure

OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file.