Media items uploaded through the media module were accessible outside of TangoCMS, allowing users to bypass the ACL security checks by simply sharing a URL to the file.
- Affected versions:
- < 2.4.0
- Related bug report:
- Security #188
- Solution:
- Upgrade to 2.4.0 or later
0 comments for "TSA 2009-12/1"
There are currently no comments.