Issues » Upload of file types unrestricted

Issue: SI-42
Date: Mar 9, 2017, 2:45:00 AM
Severity: Low
Requires Admin Access: Yes
Fix Version: n/a
Credit: shaohong wu
Description:

Authenticated users can uploaded bundles that contain files of any type.

Mitigation:

None - This is by design to allow users to upload content with any extensions needed for their sites.

References

CERT issue CVE-2017-3189