WebSVN 2.3.3 allows remote authenticated users to read arbitrary files via a symlink attack in a commit.