opencast-common is using unsafe identifier. The package allows the use of arbitrary identifiers for media packages and file systems, causing the identifier mismatch as an identifier may unintentionally be changed. When the identifiers are used for file system operations, an attacker can make use of the flaw to escape the directories and perform arbitrary file writes to other locations.