Improper Access Control. for studio-42/elfinder #3674
sergiu-beepdigital
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
My SNYK is complaining that this library has got some vulnerabilities ?
Affecting studio-42/elfinder package, versions >=0.0.0
Overview
studio-42/elfinder is an open-source file manager for web, written in JavaScript using jQuery UI.
Affected versions of this package are vulnerable to Improper Access Control via the file copying process. An attacker can expose secrets and perform unauthorized actions by copying files with unauthorized extensions between server directories.
https://security.snyk.io/vuln/SNYK-PHP-STUDIO42ELFINDER-7574731
Is that a known issue , anything to be concerned?
Beta Was this translation helpful? Give feedback.
All reactions