maddin is a user on You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

Serious vulnerability found in webservice function:

impact is that every file to which the user has read access can be silently disclosed to a webserver.

maddin @maddin

is asking all users today to upgrade to the latest version of for "for improved robustness and security":

I haven't found this issue in the list of fixed bugs yet. Will test tomorrow if this has been fixed.

· Web · 0 · 0

I could validate today that the vulnerability in function 'webservice' has been fixed in version 5.4.5