Details
-
Type:
Security Advisory
-
Status: Done/Fixed
-
Priority:
Minor
-
Resolution: Fixed/Completed
-
Affects Version/s: 4.5.4
-
Fix Version/s: None
-
Component/s: CiviCRM.org Website
-
Labels:None
-
Documentation Required?:None
-
Funding Source:Core Team Funds
Description
When I was recently editing my blog post on civicrm.org and uploaded a screen sprint, I noticed that in the "Browse Server" dialog window I have access to see and download way too much. I also have the ability to delete files that others have uploaded.
I have attached a screen print of what I am seeing.
