The payload -template-..-2F..-2F..-2F..-2Froot-2F is discussed here . Unauthorized use of path traversal attacks to access files on systems you do not own is illegal under laws like the Computer Fraud and Abuse Act (CFAA) in the US, and similar regulations globally.
: Never trust user-supplied input for file paths. Use a whitelist of allowed characters. -template-..-2F..-2F..-2F..-2Froot-2F
Here is a blog post template you can use to explain this vulnerability to developers or security enthusiasts. The payload -template-