Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

block path traversal in image editor, transform .. to _ #915

Merged
merged 1 commit into from
Feb 3, 2021
Merged

block path traversal in image editor, transform .. to _ #915

merged 1 commit into from
Feb 3, 2021

Conversation

fiammybe
Copy link
Member

@fiammybe fiammybe commented Feb 2, 2021

Closes #914

@fiammybe fiammybe added the security vulnerability Security vulnerability detected by WhiteSource label Feb 2, 2021
@fiammybe fiammybe added this to the 1.4.3 milestone Feb 2, 2021
@fiammybe fiammybe requested a review from MekDrop February 2, 2021 21:55
@fiammybe fiammybe self-assigned this Feb 2, 2021
@fiammybe fiammybe linked an issue Feb 3, 2021 that may be closed by this pull request
Arbitrary File Deletion via Path Traversal in image-edit.php #914
Closed
@fiammybe fiammybe merged commit f687682 into branches/impresscms_1.4 Feb 3, 2021
@fiammybe fiammybe deleted the fix-path-traversal-imageeditor branch February 3, 2021 16:11
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@MekDrop MekDrop MekDrop approved these changes

Assignees

@fiammybe fiammybe

Labels
security vulnerability Security vulnerability detected by WhiteSource
Projects
None yet
Milestone
1.4.3
Development

Successfully merging this pull request may close these issues.

Arbitrary File Deletion via Path Traversal in image-edit.php
2 participants
@fiammybe @MekDrop