The save function in br/prefmanager.d in projectl 1.001 creates a projectL.prf file in the current working directory, which allows local users to overwrite arbitrary files via a symlink attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 27.4%